02f3f5d1888af5b86fa73f1a6dab349536fc3203ab812f8ef060db2bb19d8f11

Sharing

Copy URL Twitter E-mail

General

Target

02f3f5d1888af5b86fa73f1a6dab349536fc3203ab812f8ef060db2bb19d8f11
Size

1.5MB
MD5

1cba9bc6697bfdc2c2451cb641f455de
SHA1

d112e144cd10b56761484380bd4d1fcb9aab9aed
SHA256

02f3f5d1888af5b86fa73f1a6dab349536fc3203ab812f8ef060db2bb19d8f11
SHA512

42d2582a24e960f08539ab30c70dca9cc4aa5e4ca1cfb6caa7867d87bd1492e9f221d6d01bb570533e7261ebc74d937426cb1e682dae5893e93385ffaafc06e1
SSDEEP

24576:yU3oo/727cT1emU3rE3nZPoru1I4xQDTMjXUHC72Vwr8HJefarVDL1+zSEg1nA:y5o/724TJU3rqZPWGIVfNi72eqJe21IL

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

02f3f5d1888af5b86fa73f1a6dab349536fc3203ab812f8ef060db2bb19d8f11
.exe windows x86

Code Sign

27:78:9d:f2:bc:cd:48:b0:49:18:fa:1d:4c:57:13:dc
Certificate

Issuer

CN=Smartstar,ST=Hunan,C=China,1.2.840.113549.1.9.1=#0c103337313236363436334071712e636f6d

Not Before

23/10/2022, 05:33

Not After

31/12/2039, 23:59

Subject

CN=Smartstar,ST=Hunan,C=China,1.2.840.113549.1.9.1=#0c103337313236363436334071712e636f6d

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c4:61:bb:54:06:65:c0:e2:04:8d:c9:11:93:15:26:04:c7:e7:70:1c
Signer

Actual PE Digest

c4:61:bb:54:06:65:c0:e2:04:8d:c9:11:93:15:26:04:c7:e7:70:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$10TSpitPanel
@$xp$11TListItemEx
@$xp$11TListViewEx
@$xp$11TTrackBarEx
@$xp$12TImageButton
@$xp$12TListItemsEx
@$xp$13TListColumnEx
@$xp$13TSpliteButton
@$xp$14TListColumnsEx
@$xp$15TListShortcutEx
@$xp$16TListShortcutsEx
@$xp$9TButtonEx
@$xp$9TFolderEx
@$xp$ynpqqrp14System@TObject$v
@@Buttonex@Finalize
@@Buttonex@Initialize
@@Chat@Finalize
@@Chat@Initialize
@@Crc32@Finalize
@@Crc32@Initialize
@@Folderex@Finalize
@@Folderex@Initialize
@@Imagebutton@Finalize
@@Imagebutton@Initialize
@@Listviewex@Finalize
@@Listviewex@Initialize
@@Main@Finalize
@@Main@Initialize
@@Remind@Finalize
@@Remind@Initialize
@@Remotepath@Finalize
@@Remotepath@Initialize
@@Same@Finalize
@@Same@Initialize
@@Schedule@Finalize
@@Schedule@Initialize
@@Spitpanel@Finalize
@@Spitpanel@Initialize
@@Splitebutton@Finalize
@@Splitebutton@Initialize
@@Stp_iocp@Finalize
@@Stp_iocp@Initialize
@@Struct@Finalize
@@Struct@Initialize
@@Trackbarex@Finalize
@@Trackbarex@Initialize
@@Uid@Finalize
@@Uid@Initialize
@Buttonex@Register$qqrv
@Folderex@Register$qqrv
@Imagebutton@Register$qqrv
@Listviewex@Register$qqrv
@Spitpanel@Register$qqrv
@Splitebutton@Register$qqrv
@TButtonEx@
@TButtonEx@$bctr$qqrp18Classes@TComponent
@TButtonEx@$bdtr$qqrv
@TButtonEx@CreateParams$qqrr22Controls@TCreateParams
@TButtonEx@DrawItem$qqrp17tagDRAWITEMSTRUCT
@TButtonEx@FImageChange$qqrp14System@TObject
@TButtonEx@FSetImage$qqrp17Graphics@TPicture
@TButtonEx@FSetImageCount$qqri
@TButtonEx@FSetModalResult$qqr22TButtonEx@TModalResult
@TButtonEx@FSetTransparent$qqro
@TButtonEx@MeasureItem$qqrp20tagMEASUREITEMSTRUCT
@TButtonEx@SetButtonStyle$qqro
@TButtonEx@WndProc$qqrr17Messages@TMessage
@TFolderEx@
@TFolderEx@$bctr$qqrp18Classes@TComponent
@TFolderEx@$bdtr$qqrv
@TFolderEx@Click$qqrv
@TFolderEx@FImageChange$qqrp14System@TObject
@TFolderEx@FSetDivider$qqrp16Graphics@TBitmap
@TFolderEx@FSetDividerSize$qqri
@TFolderEx@FSetImage$qqrp16Graphics@TBitmap
@TFolderEx@FSetImageCount$qqri
@TFolderEx@FixedDisplay$qqrv
@TFolderEx@ItemIndexAtPos$qqrr12Types@TPoint
@TFolderEx@Paint$qqrv
@TFolderEx@WndProc$qqrr17Messages@TMessage
@TImageButton@
@TImageButton@$bctr$qqrp18Classes@TComponent
@TImageButton@$bdtr$qqrv
@TImageButton@CanAutoSize$qqrrit1
@TImageButton@Click$qqrv
@TImageButton@FImageChange$qqrp14System@TObject
@TImageButton@FSetAlignment$qqr18Classes@TAlignment
@TImageButton@FSetCanClick$qqro
@TImageButton@FSetCenter$qqro
@TImageButton@FSetDown$qqro
@TImageButton@FSetHasReflection$qqro
@TImageButton@FSetHasShadow$qqro
@TImageButton@FSetHotTrack$qqro
@TImageButton@FSetIcon$qqrp17Graphics@TPicture
@TImageButton@FSetImage$qqrp17Graphics@TPicture
@TImageButton@FSetImageCount$qqri
@TImageButton@FSetImagePerHeight$qqri
@TImageButton@FSetLeftPending$qqri
@TImageButton@FSetShadowColor$qqr15Graphics@TColor
@TImageButton@FSetStartShowY$qqri
@TImageButton@FSetStretch$qqro
@TImageButton@FSetTransparent$qqro
@TImageButton@Paint$qqrv
@TImageButton@WndProc$qqrr17Messages@TMessage
@TListColumnEx@
@TListColumnEx@$bctr$qqrp19Classes@TCollection
@TListColumnEx@$bdtr$qqrv
@TListColumnEx@Assign$qqrp19Classes@TPersistent
@TListColumnEx@FSetAlignment$qqr18Classes@TAlignment
@TListColumnEx@FSetCaption$qqr20System@UnicodeString
@TListColumnEx@FSetSortType$qqr11TColumnSort
@TListColumnEx@FSetTextColor$qqr15Graphics@TColor
@TListColumnEx@FSetView$qqr11TColumnView
@TListColumnEx@FSetWidth$qqri
@TListColumnEx@GetDisplayName$qqrv
@TListColumnsEx@
@TListColumnsEx@$bctr$qqrp11TListViewEx
@TListColumnsEx@$bdtr$qqrv
@TListColumnsEx@Add$qqrv
@TListColumnsEx@Clear$qqrv
@TListColumnsEx@Delete$qqri
@TListColumnsEx@GetItem$qqri
@TListColumnsEx@GetOwner$qqrv
@TListColumnsEx@Insert$qqri
@TListColumnsEx@SetItem$qqrip13TListColumnEx
@TListColumnsEx@Update$qqrp23Classes@TCollectionItem
@TListItemEx@
@TListItemEx@$bctr$qqrp19Classes@TCollection
@TListItemEx@$bdtr$qqrv
@TListItemEx@Assign$qqrp19Classes@TPersistent
@TListItemEx@FSetCaption$qqr20System@UnicodeString
@TListItemEx@FSetChecked$qqro
@TListItemEx@FSetData$qqrpv
@TListItemEx@FSetExpanded$qqro
@TListItemEx@FSetHIcon$qqrpv
@TListItemEx@FSetHotCount$qqri
@TListItemEx@FSetIsParent$qqro
@TListItemEx@FSetKind$qqr20System@UnicodeString
@TListItemEx@FSetProgress$qqri
@TListItemEx@FSetSubCount$qqri
@TListItemEx@FSetSubItems$qqrp16Classes@TStrings
@TListItemEx@FSetVisible$qqro
@TListItemEx@GetDisplayName$qqrv
@TListItemEx@IsVisible$qqrv
@TListItemsEx@
@TListItemsEx@$bctr$qqrp11TListViewEx
@TListItemsEx@$bdtr$qqrv
@TListItemsEx@Add$qqrv
@TListItemsEx@Clear$qqrv
@TListItemsEx@Delete$qqri
@TListItemsEx@GetItem$qqri
@TListItemsEx@GetOwner$qqrv
@TListItemsEx@Insert$qqri
@TListItemsEx@SetItem$qqrip11TListItemEx
@TListItemsEx@Update$qqrp23Classes@TCollectionItem
@TListShortcutEx@
@TListShortcutEx@$bctr$qqrp19Classes@TCollection
@TListShortcutEx@$bdtr$qqrv
@TListShortcutEx@Assign$qqrp19Classes@TPersistent
@TListShortcutEx@FImageChange$qqrp14System@TObject
@TListShortcutEx@FSetAnimationProgress$qqri
@TListShortcutEx@FSetImage$qqrp16Graphics@TBitmap
@TListShortcutEx@FSetImageCount$qqri
@TListShortcutEx@FSetInParent$qqri
@TListShortcutEx@FSetMouseState$qqro
@TListShortcutEx@FSetPositionX$qqri
@TListShortcutEx@FSetPositionY$qqri
@TListShortcutEx@FSetShowAlways$qqro
@TListShortcutEx@FSetStyle$qqr14TShortcutStyle
@TListShortcutEx@FSetTag$qqri
@TListShortcutEx@FSetText$qqr20System@UnicodeString
@TListShortcutEx@FSetTextColor$qqr15Graphics@TColor
@TListShortcutEx@GetDisplayName$qqrv
@TListShortcutsEx@
@TListShortcutsEx@$bctr$qqrp11TListViewEx
@TListShortcutsEx@$bdtr$qqrv
@TListShortcutsEx@Add$qqrv
@TListShortcutsEx@Clear$qqrv
@TListShortcutsEx@Delete$qqri
@TListShortcutsEx@GetItem$qqri
@TListShortcutsEx@GetOwner$qqrv
@TListShortcutsEx@Insert$qqri
@TListShortcutsEx@SetItem$qqrip15TListShortcutEx
@TListShortcutsEx@Update$qqrp23Classes@TCollectionItem
@TListViewEx@
@TListViewEx@$bctr$qqrp18Classes@TComponent
@TListViewEx@$bdtr$qqrv
@TListViewEx@CustomSort$qqrv
@TListViewEx@Expand$qqrp11TListItemExo
@TListViewEx@FPictureChange$qqrp14System@TObject
@TListViewEx@FSetBackAlign$qqr10TBackAlign
@TListViewEx@FSetBackground$qqrp17Graphics@TPicture
@TListViewEx@FSetCheckboxes$qqro
@TListViewEx@FSetCheckboxesBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetColInterval$qqri
@TListViewEx@FSetColumnClick$qqro
@TListViewEx@FSetColumnsBarBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetColumnsSortBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetCustomShowHint$qqro
@TListViewEx@FSetGridLines$qqro
@TListViewEx@FSetGridLinesBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetHotCountBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetItemIndex$qqri
@TListViewEx@FSetListColumnsEx$qqrp14TListColumnsEx
@TListViewEx@FSetListItemsEx$qqrp12TListItemsEx
@TListViewEx@FSetListShortcutsEx$qqrp16TListShortcutsEx
@TListViewEx@FSetProgressBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetRowInterval$qqri
@TListViewEx@FSetScrollBarBackBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetScrollBarBottomBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetScrollBarThumbBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetScrollBarTopBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetScrollTipsBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetSelectStateBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetSelected$qqrp11TListItemEx
@TListViewEx@FSetShowColumns$qqro
@TListViewEx@FSetTitleButtonBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetTitleLineBitmap$qqrp16Graphics@TBitmap
@TListViewEx@FSetViewKind$qqri
@TListViewEx@FSetViewStyle$qqr12TViewStyleEx
@TListViewEx@ItemIndexAtPos$qqrr12Types@TPointri
@TListViewEx@OnMemoChange$qqrp14System@TObject
@TListViewEx@OnMemoKeyDown$qqrp14System@TObjectrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@TListViewEx@OnMemoKillFocus$qqrp14System@TObject
@TListViewEx@Paint$qqrv
@TListViewEx@PaintGlobalListShortcutsEx$qqrp16Graphics@TCanvas11Types@TRect
@TListViewEx@PaintListColumnsEx$qqrp16Graphics@TCanvas
@TListViewEx@PaintListItemEx$qqrip16Graphics@TCanvaso
@TListViewEx@PaintListItemsEx$qqroo
@TListViewEx@PaintListShortcutsEx$qqrp16Graphics@TCanvas11Types@TRectio
@TListViewEx@RenameCaption$qqro
@TListViewEx@RethinkRect$qqrv
@TListViewEx@SetSetBackgroundMode$qqrp17Graphics@TGraphic10TBackAlign
@TListViewEx@VScroll$qqri
@TListViewEx@WndProc$qqrr17Messages@TMessage
@TSpitPanel@
@TSpitPanel@$bctr$qqrp18Classes@TComponent
@TSpitPanel@$bdtr$qqrv
@TSpitPanel@FImageChange$qqrp14System@TObject
@TSpitPanel@FSetImage1$qqrp17Graphics@TPicture
@TSpitPanel@FSetImage2$qqrp17Graphics@TPicture
@TSpitPanel@FSetImage3$qqrp17Graphics@TPicture
@TSpitPanel@FSetKind$qqr20Forms@TScrollBarKind
@TSpitPanel@FSetTransparent$qqro
@TSpitPanel@Paint$qqrv
@TSpitPanel@WndProc$qqrr17Messages@TMessage
@TSpliteButton@
@TSpliteButton@$bctr$qqrp18Classes@TComponent
@TSpliteButton@$bdtr$qqrv
@TSpliteButton@Click$qqrv
@TSpliteButton@FImageChange$qqrp14System@TObject
@TSpliteButton@FSetComment$qqr20System@UnicodeString
@TSpliteButton@FSetDropped$qqro
@TSpliteButton@FSetImage$qqrp17Graphics@TPicture
@TSpliteButton@FSetImageCount$qqri
@TSpliteButton@FSetLeftPending$qqri
@TSpliteButton@FSetLinePending$qqri
@TSpliteButton@Paint$qqrv
@TSpliteButton@WndProc$qqrr17Messages@TMessage
@TTrackBarEx@
@TTrackBarEx@$bctr$qqrp18Classes@TComponent
@TTrackBarEx@$bdtr$qqrv
@TTrackBarEx@FBitmapChange$qqrp14System@TObject
@TTrackBarEx@FSetBarImage$qqrp17Graphics@TPicture
@TTrackBarEx@FSetFillImage$qqrp17Graphics@TPicture
@TTrackBarEx@FSetMax$qqri
@TTrackBarEx@FSetPosition$qqri
@TTrackBarEx@FSetThumbImage$qqrp17Graphics@TPicture
@TTrackBarEx@FSetTrackBarSize$qqri
@TTrackBarEx@FSetTransparent$qqro
@TTrackBarEx@FSetVertical$qqro
@TTrackBarEx@Paint$qqrv
@TTrackBarEx@WndProc$qqrr17Messages@TMessage
@Trackbarex@Register$qqrv
_ChatForm
_NetSTPMainForm
_RemindForm
_RemotePathForm
_SameForm
_ScheduleForm
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 633KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 641KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

27:78:9d:f2:bc:cd:48:b0:49:18:fa:1d:4c:57:13:dcCertificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

c4:61:bb:54:06:65:c0:e2:04:8d:c9:11:93:15:26:04:c7:e7:70:1cSigner

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 633KB - Virtual size: 1.9MB

.data Size: 70KB - Virtual size: 476KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 16KB

.edata Size: 12KB - Virtual size: 16KB

.rsrc Size: 641KB - Virtual size: 1.8MB

.reloc Size: - Virtual size: 108KB

.aspack Size: 138KB - Virtual size: 140KB

.adata Size: - Virtual size: 4KB

27:78:9d:f2:bc:cd:48:b0:49:18:fa:1d:4c:57:13:dc
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

c4:61:bb:54:06:65:c0:e2:04:8d:c9:11:93:15:26:04:c7:e7:70:1c
Signer

.text
Size: 633KB - Virtual size: 1.9MB

.data
Size: 70KB - Virtual size: 476KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 16KB

.edata
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 641KB - Virtual size: 1.8MB

.reloc
Size: - Virtual size: 108KB

.aspack
Size: 138KB - Virtual size: 140KB

.adata
Size: - Virtual size: 4KB