867e0fa22f3f1363e43a8eda29fb0bb0118f8e2576ac6db1a66334228ce042b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

867e0fa22f3f1363e43a8eda29fb0bb0118f8e2576ac6db1a66334228ce042b1
Size

15.0MB
MD5

0c47a33e587706e3e177a135d376abb1
SHA1

da1442ad6e1a4f2b709bf1f4bccb1d9ea3b8bf44
SHA256

867e0fa22f3f1363e43a8eda29fb0bb0118f8e2576ac6db1a66334228ce042b1
SHA512

b5dd2d402f55030dcd0a8a8a1767027460d6200f0456f946655a0927135c8cfc7a993e2f94773e7f7f47e79835042cf5c62b3b7a61e200d1f93df25a4c4568fe
SSDEEP

196608:PYPDPynTnKWUGNEoiN/A4s1bru7JoE4mgWh+rzU25L25JUee+IodP78nE8Uw3DF5:gPDPM2pGNvJi8mgWQs25L26NSP7tY3h5

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
867e0fa22f3f1363e43a8eda29fb0bb0118f8e2576ac6db1a66334228ce042b1

Files

867e0fa22f3f1363e43a8eda29fb0bb0118f8e2576ac6db1a66334228ce042b1
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 272KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 615KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE