bd504978ef8da44062286ba99cd2dbfd5691848757d1f2dfccfa734760fd28ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd504978ef8da44062286ba99cd2dbfd5691848757d1f2dfccfa734760fd28ea
Size

364KB
MD5

cc768cefc6a2fe2dbcb24387e71cb94b
SHA1

7aa21e8f5562e414a5b815b5f2df0a831748154e
SHA256

bd504978ef8da44062286ba99cd2dbfd5691848757d1f2dfccfa734760fd28ea
SHA512

7c9dacf72b4935aa8e1379dd5c81f1e9b57856f67b83141876fb6dc1410bc37386cedfc72a20dd3aafd615817520617cdf833608094a8f9c549c8e0199e171cf
SSDEEP

6144:+YxOlMowq0nyadr5M3iceK433JH9j5tqwd5APoXbfwKDeFf1lFsKYx10Obzeb:lOGrnyEr5Sibn5PXbfoxGze

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd504978ef8da44062286ba99cd2dbfd5691848757d1f2dfccfa734760fd28ea

Files

bd504978ef8da44062286ba99cd2dbfd5691848757d1f2dfccfa734760fd28ea
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 282KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 27KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE