682d33db3a4c762c26b9f3147998c8c4cd55e0e44ab397160bd776e26f8dcf41

Sharing

Copy URL Twitter E-mail

General

Target

682d33db3a4c762c26b9f3147998c8c4cd55e0e44ab397160bd776e26f8dcf41
Size

270KB
MD5

65d7a863b9db1e8febcaaaf49190ac0d
SHA1

8200c68c67d619c185d200bb6ecde7152a5a750a
SHA256

682d33db3a4c762c26b9f3147998c8c4cd55e0e44ab397160bd776e26f8dcf41
SHA512

b855f0abee98e48c91a063ad26ef67acdda7924512978da0160cc991982f9e1bd84e58eddd149df5acf420326feff6caee90df796161f0f44484d2dcafce2c4c
SSDEEP

6144:O/YrWfGxfs8zPHpHxvUDlUAFUsmJUutu4Xc8zb13Fmc0lDDkkQFCl:O/rSfnzPHBxvUD7mJf44s8zb1R0Jkk

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
682d33db3a4c762c26b9f3147998c8c4cd55e0e44ab397160bd776e26f8dcf41

Files

682d33db3a4c762c26b9f3147998c8c4cd55e0e44ab397160bd776e26f8dcf41
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CheckRunning
TMethodImplementationIntercept

Sections

.text
Size: 206KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 44KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 206KB - Virtual size: 852KB

.itext Size: 1KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 16KB

.bss Size: - Virtual size: 19KB

.idata Size: 1KB - Virtual size: 4KB

.didata Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 44KB - Virtual size: 80KB

.rsrc Size: 3KB - Virtual size: 12KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 206KB - Virtual size: 852KB

.itext
Size: 1KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 16KB

.bss
Size: - Virtual size: 19KB

.idata
Size: 1KB - Virtual size: 4KB

.didata
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 44KB - Virtual size: 80KB

.rsrc
Size: 3KB - Virtual size: 12KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB