d5bbef29d9081ecbebb07c4b7b1553c5de678454aed968fa4468c2a60528cfd8

General

Target

d5bbef29d9081ecbebb07c4b7b1553c5de678454aed968fa4468c2a60528cfd8
Size

246KB
MD5

da492dc4b05a7347efc0edb19d6832a2
SHA1

c647c92515f4279a1c6abf729c316d8cf2075c14
SHA256

d5bbef29d9081ecbebb07c4b7b1553c5de678454aed968fa4468c2a60528cfd8
SHA512

1fc3c687a12c7b7474203834b920bf7098f0ce5071017b500f680c5315af262537bc374c571ed18fbf2782172bf0e86a3468005fe3c41c646dd655c42660fb3e
SSDEEP

6144:+ieILyNB4SKdIjLMsvDwPfhKFj0Tn841jMndCY8bxI:+ie0yT4SlmJ60Tn8eQd+ba

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/Восстановление КП/H2Testw 1.4 Portable by KpoJIuK.exe	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Восстановление КП/H2Testw 1.4 Portable by KpoJIuK.exe
unpack001/Восстановление КП/MyDiskFix.exe

Files

d5bbef29d9081ecbebb07c4b7b1553c5de678454aed968fa4468c2a60528cfd8
.zip
Восстановление КП/H2Testw 1.4 Portable by KpoJIuK.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 108KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Восстановление КП/MyDiskFix.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

��0
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��1
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 108KB - Virtual size: 228KB

.rdata Size: 19KB - Virtual size: 68KB

.data Size: 3KB - Virtual size: 28KB

.rsrc Size: 7KB - Virtual size: 72KB

.reloc Size: 11KB - Virtual size: 36KB

.data Size: 1024B - Virtual size: 4KB

.aspack Size: 57KB - Virtual size: 60KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

���0 Size: - Virtual size: 168KB

���1 Size: 42KB - Virtual size: 44KB

.rsrc Size: 28KB - Virtual size: 32KB

.text
Size: 108KB - Virtual size: 228KB

.rdata
Size: 19KB - Virtual size: 68KB

.data
Size: 3KB - Virtual size: 28KB

.rsrc
Size: 7KB - Virtual size: 72KB

.reloc
Size: 11KB - Virtual size: 36KB

.data
Size: 1024B - Virtual size: 4KB

.aspack
Size: 57KB - Virtual size: 60KB

.adata
Size: - Virtual size: 4KB

��0
Size: - Virtual size: 168KB

��1
Size: 42KB - Virtual size: 44KB

.rsrc
Size: 28KB - Virtual size: 32KB