70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c[.]exe[.]zip

General

Target

70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c.exe.zip
Size

760KB
MD5

2d4aeab7b8d317396439a24bd70e1d63
SHA1

b6f9436552eded8753e903e94a97648ea5c183a4
SHA256

3ee5199ea3b5f498d4f16f9f7717e30cd46b4fa8c35ab4138463f434e96ff88b
SHA512

ddb0155b3b9cea92d4073330a63d8fb5bd503ca275781296fc89ef88fee3e1035d56698610413bbe282daa2b37a3443ca1175a69b020c063dbc8f7d2c506e133
SSDEEP

12288:gSZ6cRpw2coif01gFMfGOxzyWeasnbumGDFrtq2Y6P/JkImNL2WnHo8GbZEF:gxcPu012yGOxBeem2hz/J1mJ2ksEF

Score

7^/10

aspackv2

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c.exe

70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c.exe.zip
.zip

Password: infected
70a6ac553d0b78f31f205fa188ff354f50242bb793d52bdc1c472af428c4875c.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 263KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE