569e88ab6d36570b9e970816461ede6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

569e88ab6d36570b9e970816461ede6a
Size

526KB
MD5

569e88ab6d36570b9e970816461ede6a
SHA1

ffdf1dbb517f04e3715a12c5298ec6236bb25b21
SHA256

e3fe7016f8ae66d4a3f4ec5aef5761bf0ea19d11ae4afccc0bf0d2f2f00389df
SHA512

704d8c64e64d1a5a885a91f679b4cc7c4401049cef2681644066db20762c19a3e5f608bffface39c64fd518072e2c33e6a7dc12134b1953b7a37da08a9c4f0be
SSDEEP

6144:n1mAbDWU5kKMJjEK9gOXm58wEQT/KD9iDlePsm0/Q/p/g7OOvrn7ecIX:n1mAbBta9A58oCp0/Q/p/g7OP9

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
569e88ab6d36570b9e970816461ede6a

Files

569e88ab6d36570b9e970816461ede6a
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 137KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 270KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE