Behavioral task
behavioral1
Sample
347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e.exe
Resource
win10v2004-20231023-en
General
-
Target
347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e
-
Size
285KB
-
MD5
4cb1ac47cc162ac0eefeb3a56670201f
-
SHA1
e52ee9aea42e812945e28ea89758cd4e7e689f09
-
SHA256
347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e
-
SHA512
656ec8ff35b6d1c893f813c74280ccc0e87898babae0674a3c983abd7094ef7f0ffa308ac4aba85bb0fbbf14e58896b65c5de50376207e4f5a4c5f4f9a25c0e8
-
SSDEEP
6144:Ay2Pnbeb73hyerKbxarLHb0HMXgkD+xhKtonECK+t:6YThyeeNaH70dkDShK+EQt
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e
Files
-
347bafefc2c5201889a6fc619c82855521e8e8694d62ddf089c4b49592d4a87e.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 235KB - Virtual size: 900KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE