f0e885fd2ccdf96dd69353ec28136f11[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0e885fd2ccdf96dd69353ec28136f11.bin
Size

12KB
MD5

17ecebfd237ceb2f738d250601dd8d28
SHA1

efe924c3f3ab8d143ee5ef1222fe0e936ca78a0d
SHA256

3d9f74664edffc9300ef0b2ac933105b3d8a50f6079b6919349fa81b81948ca0
SHA512

0b888329de8556b2a63e33360ac23ae2208d63e20191b96b28510ea0ca7dacc9dad2a58eaf96a245fa8e77a30d9c9b40a96244ce81242a85b1a33dd5bfd62ba9
SSDEEP

384:x93wEH4WXmpX/zaxfjzcZZAnL3sAr9Xrd:kYQX/2xfjzc8DjpB

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/2299d295a8b8dd467be869a5009dab65138c0e2699d919cb4674b706ad05db15.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2299d295a8b8dd467be869a5009dab65138c0e2699d919cb4674b706ad05db15.exe

Files

f0e885fd2ccdf96dd69353ec28136f11.bin
.zip

Password: infected
2299d295a8b8dd467be869a5009dab65138c0e2699d919cb4674b706ad05db15.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE