3717f9299ecfd98b415c83dc064c8f634e4b35110fe8b5db7ac653180af2d6bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3717f9299ecfd98b415c83dc064c8f634e4b35110fe8b5db7ac653180af2d6bf
Size

195KB
MD5

cf7a0e1bf172c3bee9ef83699c7aac4f
SHA1

5dd49eeb48e583d8c92593fcbbc7dc8e7a2c3600
SHA256

3717f9299ecfd98b415c83dc064c8f634e4b35110fe8b5db7ac653180af2d6bf
SHA512

b3f3d2cc2ce7ee5c75faaed89319a56d8844227c57c4f8b3ffbba320d2411199c579a66136b3bb46d7e8e94e76af485a4931415aad630e82046d2bc67039e28b
SSDEEP

3072:MpN0Nsgj06eMQMJj6RffQLJX0i5yC4E+qUhDwNv6EjmOboIRTqFt4fCG/:o0Ck06eMreff2xlr4ZnOv6ypbRT

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3717f9299ecfd98b415c83dc064c8f634e4b35110fe8b5db7ac653180af2d6bf

Files

3717f9299ecfd98b415c83dc064c8f634e4b35110fe8b5db7ac653180af2d6bf
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 85KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE