Behavioral task
behavioral1
Sample
acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4.exe
Resource
win10v2004-20230220-en
General
-
Target
acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4
-
Size
768KB
-
MD5
bb0dda8f930cfd0e266097ccf47142e1
-
SHA1
40aae6f8ecb199648f7742365cca23e57ee4921a
-
SHA256
acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4
-
SHA512
960a57d2312532d34ab599baec3a743dec90dd14ab1c12671ec41a83079fff23e8e97e971e00e971cc2f983b2da2104b32006dc05f50d8b9a6355e472342244c
-
SSDEEP
12288:kaCnJZWBBHPS20o7MJsH0UgqyLakTEDoL15fUOKGQGv+CaFgIPgzbOZ:k1Ov37oVmWuophhQM+lFg64+
Malware Config
Signatures
-
Processes:
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4
Files
-
acf81025153047b972840eb0790576c406875bd462a92efd056f847b72081ff4.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 537KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 138KB - Virtual size: 612KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 53KB - Virtual size: 596KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE