e560211a6668b4ddeb976e45073dd896d6f2196da614fe7b6f60c4fd81cc3266 | Triage

Sharing

General

Target

e560211a6668b4ddeb976e45073dd896d6f2196da614fe7b6f60c4fd81cc3266
Size

3.7MB
MD5

6475cba5d6b2dc3b4141aac396560f98
SHA1

54fc7ec5ac5ca40b06376b84553d9e5779275006
SHA256

e560211a6668b4ddeb976e45073dd896d6f2196da614fe7b6f60c4fd81cc3266
SHA512

72952c98b0845cd395ad427802775caeb5c2b3aa48ea4216357c2b5e44cc52f0ff2cc5953cc47034cb6c41a1c3c9e1870fba5035df294a755f8a85d8997b7fde
SSDEEP

98304:iDMNx1CS32TBLg3dtxeP32SSHZh8cGW/:iDMNx1CTFL2cP3RmZhVG

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e560211a6668b4ddeb976e45073dd896d6f2196da614fe7b6f60c4fd81cc3266

Files

e560211a6668b4ddeb976e45073dd896d6f2196da614fe7b6f60c4fd81cc3266
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.2MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 314KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 78KB - Virtual size: 10.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 354KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SCY
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 701KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE