8fad7d5ea7992f70a8cbda3e33409bf02bcc0e5714e454ce64d821d48c68b0a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fad7d5ea7992f70a8cbda3e33409bf02bcc0e5714e454ce64d821d48c68b0a7
Size

9.7MB
MD5

4a11adcdb0e6e5a047992c71c7a825ca
SHA1

6ad68fb9914ecff019d769c082c90f4510d2c51f
SHA256

8fad7d5ea7992f70a8cbda3e33409bf02bcc0e5714e454ce64d821d48c68b0a7
SHA512

6a0ea1b8e788130cdc2f34e1f0e5f95bf14333dd9feeadb87a27277b0736966a166ebfb3c26338eea95537e18f8f8bc08332dea951d4f53f8e5dc348bb72c823
SSDEEP

196608:AovyF6vP+8CsJNneWSszcse0kU7W5gnKzrN2hmfkIrJcENgJ1jYlP:GcvPv3JN1RzcserV5gKkhmfkI2Ee

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fad7d5ea7992f70a8cbda3e33409bf02bcc0e5714e454ce64d821d48c68b0a7

Files

8fad7d5ea7992f70a8cbda3e33409bf02bcc0e5714e454ce64d821d48c68b0a7
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 665KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9.0MB - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 59KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE