c2ff1b0e0939e41762453659af384d7492d1a9dd8cc04f9a82e878e2fd87e236 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2ff1b0e0939e41762453659af384d7492d1a9dd8cc04f9a82e878e2fd87e236
Size

13.7MB
MD5

ca14b4ea6204b2e69ac7aa2a50b573fe
SHA1

4ad27b61cafa01ef60f0702d442f4189357b578c
SHA256

c2ff1b0e0939e41762453659af384d7492d1a9dd8cc04f9a82e878e2fd87e236
SHA512

1693c98a7582ae1869aa44148ca63f55d4d6a9fde8ea7ebee39d17de49ed8b792b99715ef68e96cf5c910e4d5b1a2f5758fcaac1e9f7b0b55b957a85835fa42a
SSDEEP

196608:wZ7a7+TR3GID2xUbhsDHwzoI1n25l25glnso7g23aMRNHaIhIb8tN5i3daCGh1I:Q7ay5GI4WXAZy2BHaI1M0zdv9

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2ff1b0e0939e41762453659af384d7492d1a9dd8cc04f9a82e878e2fd87e236

Files

c2ff1b0e0939e41762453659af384d7492d1a9dd8cc04f9a82e878e2fd87e236
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13.1MB - Virtual size: 13.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE