bfcfe54c0df7b9ce6cc7cbe1891a2b6324320334475d60f86c0fcc3618dfa3b2

Sharing

Copy URL Twitter E-mail

General

Target

bfcfe54c0df7b9ce6cc7cbe1891a2b6324320334475d60f86c0fcc3618dfa3b2
Size

12.9MB
MD5

f5af23d4059af06babd6a61457cc3370
SHA1

d91c3d049ad8700d14ba0721ed0cf37d35f4895b
SHA256

bfcfe54c0df7b9ce6cc7cbe1891a2b6324320334475d60f86c0fcc3618dfa3b2
SHA512

d6174fbe2c59d7418109513690336753f425951c6ba517216ad3052ee9ffac050f1f14b0c543d1bc17c552c2187f9d10f625cc46e7daaf02c069cc5ad2859469
SSDEEP

393216:KrvYj+1+gUtY8ym536kc0yE0Ze0ni7UDgGUwReET:KrvYj+Tj3ZEVNr0T

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfcfe54c0df7b9ce6cc7cbe1891a2b6324320334475d60f86c0fcc3618dfa3b2

Files

bfcfe54c0df7b9ce6cc7cbe1891a2b6324320334475d60f86c0fcc3618dfa3b2
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

.text
Size: 1.2MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.y&Y
Size: 3.0MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a/O
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.f:<
Size: 2.0MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)jZ
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 3.7MB

.itext Size: 7KB - Virtual size: 16KB

.data Size: 46KB - Virtual size: 108KB

.bss Size: - Virtual size: 556KB

.idata Size: 17KB - Virtual size: 20KB

.didata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.tls Size: - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 4KB

.y&Y Size: 3.0MB - Virtual size: 3.9MB

.a/O Size: 3KB - Virtual size: 4KB

.f:< Size: 2.0MB - Virtual size: 2.2MB

.rsrc Size: 512B - Virtual size: 20KB

)jZ Size: 21KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 3.7MB

.itext
Size: 7KB - Virtual size: 16KB

.data
Size: 46KB - Virtual size: 108KB

.bss
Size: - Virtual size: 556KB

.idata
Size: 17KB - Virtual size: 20KB

.didata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.tls
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 4KB

.y&Y
Size: 3.0MB - Virtual size: 3.9MB

.a/O
Size: 3KB - Virtual size: 4KB

.f:<
Size: 2.0MB - Virtual size: 2.2MB

.rsrc
Size: 512B - Virtual size: 20KB

)jZ
Size: 21KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB