59f692417cf21cfab0ddc37048ab235531fc754495a85309733cc37519ebcf02

Sharing

Copy URL Twitter E-mail

General

Target

59f692417cf21cfab0ddc37048ab235531fc754495a85309733cc37519ebcf02
Size

933KB
MD5

fe5bf28805d4e45aec506d178379000a
SHA1

4152f96d73ac2eaf968d9f36ff58d9fed53e5863
SHA256

59f692417cf21cfab0ddc37048ab235531fc754495a85309733cc37519ebcf02
SHA512

402f32ae34bc31ec6e787605f6617630d2f11513fb8dd996405b89832ab5f6495e92dc22edb361afeec8127db884767a7d4bb5b7537d441391fa49a0fed53d22
SSDEEP

12288:LI/KkD1/8Tl23j8EgKKkcseaa9VKaNddR5yDs7w22lN7+Gqs/pAFfoB6h2V9NkMj:cSvh23w/bNL8ohGzTZkMJ5St+GoHJ

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

59f692417cf21cfab0ddc37048ab235531fc754495a85309733cc37519ebcf02
.exe windows x86

Code Sign

38:1d:d9:aa:6e:56:13:83:49:05:55:27:86:8b:a0:71
Certificate

Issuer

CN=佛山大沥松岗飘逸电脑,OU=飘逸电脑,O=飘逸电脑,1.2.840.113549.1.9.1=#0c0f38333430333032344071712e636f6d

Not Before

28/04/2019, 10:07

Not After

31/12/2039, 23:59

Subject

CN=佛山大沥松岗飘逸电脑,OU=飘逸电脑,O=飘逸电脑,1.2.840.113549.1.9.1=#0c0f38333430333032344071712e636f6d

93:02:41:7c:eb:94:37:b9:92:6c:f9:ed:f8:f9:af:aa:21:d8:48:1f
Signer

Actual PE Digest

93:02:41:7c:eb:94:37:b9:92:6c:f9:ed:f8:f9:af:aa:21:d8:48:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 506KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 232KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 166KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

38:1d:d9:aa:6e:56:13:83:49:05:55:27:86:8b:a0:71Certificate

93:02:41:7c:eb:94:37:b9:92:6c:f9:ed:f8:f9:af:aa:21:d8:48:1fSigner

Headers

File Characteristics

Sections

.text Size: 506KB - Virtual size: 1.4MB

.rdata Size: 232KB - Virtual size: 580KB

.data Size: 166KB - Virtual size: 920KB

.rsrc Size: 15KB - Virtual size: 36KB

.aspack Size: 11KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

38:1d:d9:aa:6e:56:13:83:49:05:55:27:86:8b:a0:71
Certificate

93:02:41:7c:eb:94:37:b9:92:6c:f9:ed:f8:f9:af:aa:21:d8:48:1f
Signer

.text
Size: 506KB - Virtual size: 1.4MB

.rdata
Size: 232KB - Virtual size: 580KB

.data
Size: 166KB - Virtual size: 920KB

.rsrc
Size: 15KB - Virtual size: 36KB

.aspack
Size: 11KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB