d2503d1fc7448ae154cc20cc13ce20ff67b1fdbcfe6645c6fd5817a5b76bfc61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2503d1fc7448ae154cc20cc13ce20ff67b1fdbcfe6645c6fd5817a5b76bfc61
Size

243KB
MD5

ad11d42243a0019736cf4f61cf4dab13
SHA1

48f886f74a922aec34ce7c016f20df5f180bee2e
SHA256

d2503d1fc7448ae154cc20cc13ce20ff67b1fdbcfe6645c6fd5817a5b76bfc61
SHA512

06efe7b2347347435706f22da60ebd2abb5b25549097e406240d1874eb2058caa77a6080232aef52eab591c9f174f08452f096dc8d5a62e2b97ccb47dfc240ab
SSDEEP

6144:yA12c+UvywkLuJEalO4tLGhHhuaaO7ZyvI3:L2TQyDaWaAbH8O+I3

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2503d1fc7448ae154cc20cc13ce20ff67b1fdbcfe6645c6fd5817a5b76bfc61

Files

d2503d1fc7448ae154cc20cc13ce20ff67b1fdbcfe6645c6fd5817a5b76bfc61
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 928KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE