0b903a1c30bab27e5e920c4888d711211f7a3581eefae12b9c494d3930b9344f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b903a1c30bab27e5e920c4888d711211f7a3581eefae12b9c494d3930b9344f
Size

851KB
MD5

f715dd6a8f9df49b77296cdcd6ed327e
SHA1

14ef2214e2c3302cfd6558d509b24519b941ccf1
SHA256

0b903a1c30bab27e5e920c4888d711211f7a3581eefae12b9c494d3930b9344f
SHA512

fa87e22d918e2a20aa5c9d6c3d147c5068b1fef9da53233e7962a367a45cd4a8dc4199589313127062b7325006f6e667a478e875052b932305b98f3b69399080
SSDEEP

24576:884qF8yetrM5NwjqIu5dlDaCtxnHV5sZMX3NJhexz:V8vrMDwGzT2Ctx32M7hs

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b903a1c30bab27e5e920c4888d711211f7a3581eefae12b9c494d3930b9344f

Files

0b903a1c30bab27e5e920c4888d711211f7a3581eefae12b9c494d3930b9344f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 623KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 176KB - Virtual size: 900KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE