261488026bf44ff09e7850d4cc4313e63b6d592db60ae10749406024f83123cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

261488026bf44ff09e7850d4cc4313e63b6d592db60ae10749406024f83123cb
Size

930KB
MD5

58229bce38215e65f51519fd0b8c0a43
SHA1

a8da1228fab4bae6acfae5d029f81bd0cf28920c
SHA256

261488026bf44ff09e7850d4cc4313e63b6d592db60ae10749406024f83123cb
SHA512

7fd47cbb3401946fa6f30a9c6d27e6725e10d7d240b05ccd9d9fe978e0f91b4ad19cc40b217bcfe7535774e5f5e1024bbaca64fc83c63a880bac1987ec536257
SSDEEP

24576:tv2+AV5aY9qTNSYfKo1cVWTp5AJLbjtmKyYsuQRT8:F2nVugYfoep+JLbdB88

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261488026bf44ff09e7850d4cc4313e63b6d592db60ae10749406024f83123cb

Files

261488026bf44ff09e7850d4cc4313e63b6d592db60ae10749406024f83123cb
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 303KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 544KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.web
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE