bd6a605ca1f73cc48ffe873b16de694349bdf021aa4cac0cdf0404a1478f299b[.]zip[.]zip

General

Target

bd6a605ca1f73cc48ffe873b16de694349bdf021aa4cac0cdf0404a1478f299b.zip.zip
Size

2.3MB
MD5

cf44df987b33a4e12b23f61dd410a3d0
SHA1

bd81506639d121b80e180f3c6612b66254e112d5
SHA256

23a7efc09c1d6b132f1db0f4dbeeb431beec90280eee777c22f7275dc9989f58
SHA512

5bec45429a2d73ed7ca386bfc95044595b572ac54409e4c8a041706bec010f5908dd54d02d602bc92c5836d29d4a902c5ca80efc13dec884abfeaca11942c58e
SSDEEP

49152:fXtxd8Yc0l6IlD6GNeIML9TTCXuDxIDYUaCvVulOAjSLsf2UuEHAD:fXtzPl6BGNeII3GuaD1HAjSLsOUpH8

Score

7^/10

aspackv2

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack002/360 DNS优选独立最新版.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/360 DNS优选独立最新版.exe

bd6a605ca1f73cc48ffe873b16de694349bdf021aa4cac0cdf0404a1478f299b.zip.zip
.zip

Password: infected
bd6a605ca1f73cc48ffe873b16de694349bdf021aa4cac0cdf0404a1478f299b.zip
.zip
360 DNS优选独立最新版.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 185KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.1MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE