2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704[.]exe[.]zip

General

Target

2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704.exe.zip
Size

2.4MB
MD5

4e87cbd19113c801b03c550af71b1123
SHA1

94fdd00886d68ce61ca674b21e7dc34295cc9010
SHA256

0865d569bc1b66fbfd8d19bb2536dbd45db53c038337e58ab6c4a9bf2f092c8c
SHA512

ac7af5e2d25224d8e47cdfeefd5dac38baa04c21760b7ccd96cccd7f2953435c976bbf537ee8240d33129e21c16728de4fa429186d178bb97919d106eaa8db0b
SSDEEP

49152:4C3chLGcUmYMp5e4hNkdOn/LP8m2zTbf7ThSEe2ao0SeE+JKeNjWF:zMhLGurxt27hS92a9SeLKUA

Score

7^/10

aspackv2

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704.exe

2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704.exe.zip
.zip

Password: infected
2c1cafe0f7e064c0a8cf049d5414f2f379b6648760b157c2534dfefc03234704.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 291KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE