614395ab96638e1d8deb3d3b62b28522bd56438c50038b7267ea09613d3eeeff | Triage

Sharing

General

Target

614395ab96638e1d8deb3d3b62b28522bd56438c50038b7267ea09613d3eeeff
Size

399KB
MD5

b234f8a9feee328ea7d73031c20f2478
SHA1

1a4c531cc3ad79442dd79f91dfb1cacf57bb5c35
SHA256

614395ab96638e1d8deb3d3b62b28522bd56438c50038b7267ea09613d3eeeff
SHA512

b7a20f8b71a62c4f10ff046ad4453e5b0d047017013c6b8507673643791657e174f415d05ea085b3388fe643d1c7a06220461916b71e1d97395564964ebec65e
SSDEEP

12288:BqkFeM2oyAK/kHhef+uDHxPM2mkoLLdPiWnqp:MkFeM9K/u8G2mb0Gqp

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs
Detects executables packed with ASPack v2.12-2.42
aspackv2

Processes:

resource yara_rule

sample aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
614395ab96638e1d8deb3d3b62b28522bd56438c50038b7267ea09613d3eeeff

Files

614395ab96638e1d8deb3d3b62b28522bd56438c50038b7267ea09613d3eeeff
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

BatchSend
CheckvalidateUser

Sections

CODE
Size: 335KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 39KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE