3b8478262312b8894f89859640b9a1b970cca2220b229ea04898c57ffb3a0e20 | Triage

Sharing

General

Target

3b8478262312b8894f89859640b9a1b970cca2220b229ea04898c57ffb3a0e20
Size

4.6MB
MD5

c63dd11e0f9a1ae3b5dd7d2b0c3516aa
SHA1

c95075bd92932a71d65cfaafb546c811e910d819
SHA256

3b8478262312b8894f89859640b9a1b970cca2220b229ea04898c57ffb3a0e20
SHA512

6ebd7021689e834774141da72c8958f73357be447207256f51b6309fd7c51dd65401b7af414f810305670b5a73b1d607b13b66504440817d9f5e2b4948d805a3
SSDEEP

98304:15Cg2aaIU6EfD5fWnPzycNkpspmmCW7fd3CYOcOBkChVTSOZHuA:15Ch4TEfD5fezyLpImy7EmOBkChVTSgJ

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b8478262312b8894f89859640b9a1b970cca2220b229ea04898c57ffb3a0e20

Files

3b8478262312b8894f89859640b9a1b970cca2220b229ea04898c57ffb3a0e20
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 332KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4.2MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 27KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE