3e7fa4a50b89c225814bf5db41b29bb5699eda01a7e3d395fe4c093afd05f6cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e7fa4a50b89c225814bf5db41b29bb5699eda01a7e3d395fe4c093afd05f6cb
Size

6.3MB
MD5

81a7cb5f3cfe15da6a7c3fef115b2662
SHA1

23ee74d28395f22a3a2e18b5da8fc5517c51e6e4
SHA256

3e7fa4a50b89c225814bf5db41b29bb5699eda01a7e3d395fe4c093afd05f6cb
SHA512

ce4ce2ad5e07f5c03ce1c318fac1b4c663308434fb41b28c66d599c9cc793858b3fcf38653d71d01e8c2703e30abcaeab23d2318f2d6dae2f081a7e658604c71
SSDEEP

98304:kLvj/pxY6bemrP9t5qGKYYm6NHFtkG0GK6Urj6+Yy3sTL8/Ty7Gglym/x6KUI:cvjhxJftQxYD6NHF1n0jF6TYqlymwW

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7fa4a50b89c225814bf5db41b29bb5699eda01a7e3d395fe4c093afd05f6cb

Files

3e7fa4a50b89c225814bf5db41b29bb5699eda01a7e3d395fe4c093afd05f6cb
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 382KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.0MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 81KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 285KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE