39486338bdb105c813f0fb0f69828f2150e1235e7bf7a85dc9914b684ed6c8f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39486338bdb105c813f0fb0f69828f2150e1235e7bf7a85dc9914b684ed6c8f3
Size

1.4MB
MD5

0b34e395981b4baf2acf49da06fd3fa0
SHA1

e7b26835d21873733e83940e35d20a1d4b94293c
SHA256

39486338bdb105c813f0fb0f69828f2150e1235e7bf7a85dc9914b684ed6c8f3
SHA512

b55c9821008e79e2b8a71e70cd4aba7379487e70a164d031ff253d4ce63ee94b4892f608988539f51f47f61c9a601c9857e4f57e884f4975d4426ac8a25f11fc
SSDEEP

24576:e+1cD7U99CsxEJXbBIQ/tTfLsoHnEtiRjGKFzlgHT3RhSxG0sJuAmAC4bRJobxo3:e+1MU99gXVIQ/BfHSioKFuRIxzQCWboi

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39486338bdb105c813f0fb0f69828f2150e1235e7bf7a85dc9914b684ed6c8f3

Files

39486338bdb105c813f0fb0f69828f2150e1235e7bf7a85dc9914b684ed6c8f3
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 596KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 189KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 348KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 300KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE