e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682[.]exe[.]zip

General

Target

e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682.exe.zip
Size

10.0MB
MD5

20116ffedb9923fd9c5cfee687920fa5
SHA1

ce58a2edd27439bd4daf38b8033b8d6effd548ea
SHA256

ef5dd14708563648690eaaaf4a7c634ac3f39588ff64f48c805e97aeb774a7a5
SHA512

dbb947bd91f1e5aacac2871b5569167ce5f3294dbc5502129d08e5a5f3862dcb6b24c53fe5d4b4a40bf534fe2199e12acc2f14076c3cf079b3308758f108a0ff
SSDEEP

196608:3/yfaiCeo4yfrY/F/5/657/tFeEMu3oylLiTf8HRe/SUL2YOMHI:3UaiCRY/F/M57/twEJYA800L2Qo

Score

7^/10

aspackv2

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682.exe

e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682.exe.zip
.zip

Password: infected
e4349314c49238f8065ed4c95723f73b0a9ebd8126300c19c11d3ad4f1366682.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 210KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE