dbad175132d94600542923d55dd0b105a71bbc481b92ea68f7211b74489e585d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbad175132d94600542923d55dd0b105a71bbc481b92ea68f7211b74489e585d
Size

10.3MB
MD5

12d7f08e22f11a6703c0e3abc7b15e11
SHA1

1fc8a51c35fe401f139ed7aed4833e54bab225ec
SHA256

dbad175132d94600542923d55dd0b105a71bbc481b92ea68f7211b74489e585d
SHA512

2b82b11e6bcc1f3cb17dad65e6e33f092e5ea75fafaebed8ce8178efaa9f75a1e04c29f170d3025407a2f9f1409c12e7660c626bec3b27dea85f38cff8ff453c
SSDEEP

196608:Y4yFhu/thQgiuYJabbNFs5rn+WbrVLSOG3dyWvxIXIyMQGUsbqLsT06X0b90:Y4yzuTQgi50d+5blLStdyWvxI4y5lgqq

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbad175132d94600542923d55dd0b105a71bbc481b92ea68f7211b74489e585d

Files

dbad175132d94600542923d55dd0b105a71bbc481b92ea68f7211b74489e585d
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 315KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9.7MB - Virtual size: 19.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE