28bc310e7cea30bb2adfe4e9f7ec915cc7d24a7e61a59b3fc0ca308771f379a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28bc310e7cea30bb2adfe4e9f7ec915cc7d24a7e61a59b3fc0ca308771f379a6
Size

5.7MB
MD5

557b97b84ac9ff291685d3948076e5b9
SHA1

876ae8225e5dc3ccc319a0bf7d1a3d40d1d1aa28
SHA256

28bc310e7cea30bb2adfe4e9f7ec915cc7d24a7e61a59b3fc0ca308771f379a6
SHA512

32ecbe751e720df7acc558192197eb4393e2c9b1bab0184d51d86ca48957f5d190d612fc53e0cfcd32595f5608f0bfc75b532f94dbfca7134243035e68d7616d
SSDEEP

98304:FXw5DR6i4GC9HMJytw4xjSjgWDve+/OVv11QJXc++gEcDvCGDxFN1aozixFXOBZh:FXQDUjGC9HBtLWjLaVdy5c+BDvCG5k/Q

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28bc310e7cea30bb2adfe4e9f7ec915cc7d24a7e61a59b3fc0ca308771f379a6

Files

28bc310e7cea30bb2adfe4e9f7ec915cc7d24a7e61a59b3fc0ca308771f379a6
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3.8MB - Virtual size: 15.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 161KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 392KB - Virtual size: 900KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 16.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE