8717a1c3de52412804ce32ff26fe590c4f30258a51039b127e99e9bea70aed61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8717a1c3de52412804ce32ff26fe590c4f30258a51039b127e99e9bea70aed61
Size

1.6MB
MD5

6b54801b8038a40d5eb4e556c09b8761
SHA1

288cc54edf615386f6a3f3579a26f5dc202ba16e
SHA256

8717a1c3de52412804ce32ff26fe590c4f30258a51039b127e99e9bea70aed61
SHA512

ac25701e773ab1b54722a4da614bb9db68c7d67f39a614c7f2524253bed26e01245d8c9c1016d961ebd1c02ff137b3feb7927beca2a93b44d8c71ebdfc6fd4f9
SSDEEP

24576:G2G3PkiEWBzzOotySxR9TIIkF2BGj4bwF5sQNejk3WG/kK19Mgk+m:G2KeW8SxRlIgBGj4bOvWkG

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8717a1c3de52412804ce32ff26fe590c4f30258a51039b127e99e9bea70aed61

Files

8717a1c3de52412804ce32ff26fe590c4f30258a51039b127e99e9bea70aed61
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

MouseDriver_ƽ��㷨�ƶ�
MouseDriver_��ƶ�
MouseDriver_��ƶ�
MouseDriver_��֡��ƶ�
_ǿд��װ��
_ǿдж��
��װ��
��
��ȡģ��
��ֽڼ�
��ȡ�豸
��ý��
��ڴ�
д�ֽڼ�
ж��
�޸��
��ؽ��

Sections

.text
Size: 286KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE