67426dc049b569388d99a5b752009611a993dcae4523af657b893e8bccfcfaba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67426dc049b569388d99a5b752009611a993dcae4523af657b893e8bccfcfaba
Size

4.0MB
MD5

a8f3fc56c7ee482bea9e0eac03d077f4
SHA1

911fc47e58d8cebbc660d1a3b5a907bc547b11c3
SHA256

67426dc049b569388d99a5b752009611a993dcae4523af657b893e8bccfcfaba
SHA512

c00b107383107819701030799863f682e4dc44cbcf773bd2d76476a82d42e1b5f9610f29686b643a0e9496eca16952e7f5fa03d6c04355c6580ff8ebe33c84c7
SSDEEP

98304:Ki9BfVGTXZlTTwPa5MuqcWNP00UqCuLsUeFd90xVLgS7z0+9H8D:Ki9RVwaPG9q/NP0JqCuLZzLJvLH8D

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67426dc049b569388d99a5b752009611a993dcae4523af657b893e8bccfcfaba

Files

67426dc049b569388d99a5b752009611a993dcae4523af657b893e8bccfcfaba
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 293KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.6MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zyjsq2
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE