aff8cafe083f712041e70d049e16fbb25128c17983f45f6531d352d19bf76d37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aff8cafe083f712041e70d049e16fbb25128c17983f45f6531d352d19bf76d37
Size

195KB
MD5

9f063abd5f0424d76ebcf3995202db48
SHA1

2744f16635c5ab0ef542a9eea431e66c6a2eae37
SHA256

aff8cafe083f712041e70d049e16fbb25128c17983f45f6531d352d19bf76d37
SHA512

d0d6e02fd0cc0c0e659af981e6405f23f3365f8ee87896a6c197e026bd1d9e4c9274ac905222f165e878ec92583d9b111f6f02cf3f2807bfb927047e857798ea
SSDEEP

3072:mpN0Nsgj06eMQMJj6RffQLJX0i5yC4E+qUhDwNv6EjmOboIRTqFt4xCG/:O0Ck06eMreff2xlr4ZnOv6ypbR9

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff8cafe083f712041e70d049e16fbb25128c17983f45f6531d352d19bf76d37

Files

aff8cafe083f712041e70d049e16fbb25128c17983f45f6531d352d19bf76d37
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 85KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE