e4d64c50ffa322f7b63c678d9bfb881550b9dc0276ee76e140e9abff0a7ee092 | Triage

Sharing

General

Target

e4d64c50ffa322f7b63c678d9bfb881550b9dc0276ee76e140e9abff0a7ee092
Size

11.4MB
MD5

65619f4832a593b8e520dee8166e1cde
SHA1

6f3f6a991a73b88afbfa9e31bb71ed813d4e59da
SHA256

e4d64c50ffa322f7b63c678d9bfb881550b9dc0276ee76e140e9abff0a7ee092
SHA512

840820e0658d837b56f3eff47241bd75e1389a383cfc43bfd41f3cd94beea4ba1352fa075b42c8f79368544c8a909a0f46be44b2feb3752586c933999c7e1e83
SSDEEP

196608:XSFfffRkRwhkGvEC7Cm+T/9TWW9HqyZ517R4UyiIt50XEA9:XYZlhkjC2mGTDKyr1KUyiIteEA

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4d64c50ffa322f7b63c678d9bfb881550b9dc0276ee76e140e9abff0a7ee092

Files

e4d64c50ffa322f7b63c678d9bfb881550b9dc0276ee76e140e9abff0a7ee092
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 242KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9.6MB - Virtual size: 15.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 270KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE