311d2c8edb3e021612340748f50eefe5fc6432f6e8c12c22c5aa9227d0f11326

Sharing

Copy URL Twitter E-mail

General

Target

311d2c8edb3e021612340748f50eefe5fc6432f6e8c12c22c5aa9227d0f11326
Size

1.3MB
MD5

ea0935716ab801555787efca8378c5ce
SHA1

0bf8d2e83b2075b7ea996238c8761d192a0acf33
SHA256

311d2c8edb3e021612340748f50eefe5fc6432f6e8c12c22c5aa9227d0f11326
SHA512

d62f495f5aa2b4b44fba7a2339042be13a44f35d2a56352c4bf90ae1e32962afab975b82a56774fda2342a39acb64044426d3f9de21dbd01b286daccfba7a505
SSDEEP

24576:rF+jhhd3QZ22U8CUcCCyZ1c0TmH7FMFf9efCCvBUjoT1Piv4cm2iYx7SH911:J+pQM9NvFgf92hJUGpiwiiKSHj

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311d2c8edb3e021612340748f50eefe5fc6432f6e8c12c22c5aa9227d0f11326

Files

311d2c8edb3e021612340748f50eefe5fc6432f6e8c12c22c5aa9227d0f11326
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 1.2MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 4.4MB

.itext Size: 8KB - Virtual size: 24KB

.data Size: 50KB - Virtual size: 92KB

.bss Size: - Virtual size: 435KB

.idata Size: 4KB - Virtual size: 16KB

.didata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.tls Size: - Virtual size: 72B

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 368KB

.rsrc Size: 20KB - Virtual size: 84KB

.aspack Size: 11KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 4.4MB

.itext
Size: 8KB - Virtual size: 24KB

.data
Size: 50KB - Virtual size: 92KB

.bss
Size: - Virtual size: 435KB

.idata
Size: 4KB - Virtual size: 16KB

.didata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.tls
Size: - Virtual size: 72B

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 368KB

.rsrc
Size: 20KB - Virtual size: 84KB

.aspack
Size: 11KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB