4d2ebccfea5c5b6dda0ac0d15f3a3f52fea79ed7c61f15a674a4a815601f8c42

Sharing

Copy URL Twitter E-mail

General

Target

4d2ebccfea5c5b6dda0ac0d15f3a3f52fea79ed7c61f15a674a4a815601f8c42
Size

5.2MB
MD5

79f6a1b6e8761bc04f0a90a602994098
SHA1

d11aa87ccf458189f8045dd65fe2b9ec2e058acc
SHA256

4d2ebccfea5c5b6dda0ac0d15f3a3f52fea79ed7c61f15a674a4a815601f8c42
SHA512

376444b6e5d20e4797218baabfdaccfe6ec1a79163d34399093a9656b65a5e80f069673f55b18c4a6c53b118c4b380729307d097cc80443f54704694d0586b82
SSDEEP

98304:Ovdbokc64QVgi9QpkRqx+g6CtDPgb84OV1wBjevjUuSI9raPaOb:Ovd0URQpkRt4V1EjzpIhBOb

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d2ebccfea5c5b6dda0ac0d15f3a3f52fea79ed7c61f15a674a4a815601f8c42

Files

4d2ebccfea5c5b6dda0ac0d15f3a3f52fea79ed7c61f15a674a4a815601f8c42
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EurekaLog_PasswordRequestEvent
ExceptionManager
GetDriverObject

Sections

CODE
Size: 2.9MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 127KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 2.9MB - Virtual size: 8.8MB

DATA Size: 127KB - Virtual size: 224KB

BSS Size: - Virtual size: 36KB

.idata Size: 6KB - Virtual size: 20KB

.edata Size: 512B - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 640KB

.rsrc Size: 2.0MB - Virtual size: 11.1MB

.aspack Size: 164KB - Virtual size: 168KB

.adata Size: - Virtual size: 4KB

CODE
Size: 2.9MB - Virtual size: 8.8MB

DATA
Size: 127KB - Virtual size: 224KB

BSS
Size: - Virtual size: 36KB

.idata
Size: 6KB - Virtual size: 20KB

.edata
Size: 512B - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 640KB

.rsrc
Size: 2.0MB - Virtual size: 11.1MB

.aspack
Size: 164KB - Virtual size: 168KB

.adata
Size: - Virtual size: 4KB