9561dcb973f55302be07651b679e84c4971f9c402c800e402bac6300059025fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9561dcb973f55302be07651b679e84c4971f9c402c800e402bac6300059025fb
Size

9.9MB
MD5

4ce69d66db8ecf4641450efbdf8eb223
SHA1

68aa35fcafbc3712931743ae2f191a86e76c16b0
SHA256

9561dcb973f55302be07651b679e84c4971f9c402c800e402bac6300059025fb
SHA512

1239a629280bd4e8e397a15bca97249acfee9d37038ad4aac08cf877ca252fb42209c0c07a28eb61deb94d4be81930ae7e61fa75faa8e9da41992ab7e181fac1
SSDEEP

196608:QnfrOaUz6DHKjEHtwjCRtrt7C1f+lSA4hQxdml3Q22ennuOoHHRSutpaDm:QnjODzfjcwjCRtx7U+l1GQD03/nunHHh

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9561dcb973f55302be07651b679e84c4971f9c402c800e402bac6300059025fb

Files

9561dcb973f55302be07651b679e84c4971f9c402c800e402bac6300059025fb
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 665KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9.2MB - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 59KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE