d3a05c8ea550c02fd54bfef2cc474079b323c224dcc39aed7bbe5e350da95d57 | Triage

Sharing

General

Target

d3a05c8ea550c02fd54bfef2cc474079b323c224dcc39aed7bbe5e350da95d57
Size

374KB
MD5

93b9df578e39aae757e86410bb73f75b
SHA1

dd89787fc16cada85fec5cf8358285e12540229d
SHA256

d3a05c8ea550c02fd54bfef2cc474079b323c224dcc39aed7bbe5e350da95d57
SHA512

578c3721a2b2aa4a43bb7fd9ebdf77f4ef92df4951a55e806d350266d5afc8c612a64d78bfa275b80ff48c8884ac22040712fd3379a0f145c2b4501f1099d147
SSDEEP

6144:jJa46VMtgMUfzG0Vo0iKIZt2gaQlD4dLaFjXiFNUj2s9AT13z7:QKmM2e0iyQl4dLwjXHdux

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs
Detects executables packed with ASPack v2.12-2.42
aspackv2

Processes:

resource yara_rule

sample aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d3a05c8ea550c02fd54bfef2cc474079b323c224dcc39aed7bbe5e350da95d57

Files

d3a05c8ea550c02fd54bfef2cc474079b323c224dcc39aed7bbe5e350da95d57
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

start_speed_2
stop_speed_2
zy_listen_tun_ll

Sections

.text
Size: 244KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zyjsq
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE