7167ec7ee46fae5b9181a2337640c4cc

Sharing

Copy URL Twitter E-mail

General

Target

7167ec7ee46fae5b9181a2337640c4cc
Size

856KB
MD5

7167ec7ee46fae5b9181a2337640c4cc
SHA1

c4cadf63798d7d8b3a9f818aab6dc5b6c7e852cc
SHA256

8f334d9d7a62d8beddf3feaa2f5285596790ceacb9533cfa49aa3effec552c01
SHA512

3ac075b5bfb4dfdfd36498d131b03af2a5062368e87854752b04647955900f4472ca477070cb7db9f0611746d77c1fad0f1e0590b458430b196a02176775cb04
SSDEEP

24576:L3R2HMve40ZWGLRoQLWR6s/k1xflmUDNjjhjd:/8WIr43k1xflDxX

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

7167ec7ee46fae5b9181a2337640c4cc
.exe windows:4 windows x86 arch:x86

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

5a:4b:76:8a:df:ec:8c:d7:39:71:11:b3:0b:86:af:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

05/03/2010, 00:00

Not After

05/03/2011, 23:59

Subject

CN=北京腾度网络科技有限公司,OU=WoSign Class 3 Code Signing,O=北京腾度网络科技有限公司,L=海淀,ST=北京,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:f2:e4:3a:b4:37:88:6e:41:f8:ba:a4:13:89:7f:e6:65:0d:40:ff
Signer

Actual PE Digest

f6:f2:e4:3a:b4:37:88:6e:41:f8:ba:a4:13:89:7f:e6:65:0d:40:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 688KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

5a:4b:76:8a:df:ec:8c:d7:39:71:11:b3:0b:86:af:81Certificate

Extended Key Usages

Key Usages

f6:f2:e4:3a:b4:37:88:6e:41:f8:ba:a4:13:89:7f:e6:65:0d:40:ffSigner

Headers

File Characteristics

Sections

CODE Size: 688KB - Virtual size: 1.9MB

DATA Size: 10KB - Virtual size: 28KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 168KB

.rsrc Size: 34KB - Virtual size: 224KB

.aspack Size: 114KB - Virtual size: 116KB

.adata Size: - Virtual size: 4KB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

5a:4b:76:8a:df:ec:8c:d7:39:71:11:b3:0b:86:af:81
Certificate

f6:f2:e4:3a:b4:37:88:6e:41:f8:ba:a4:13:89:7f:e6:65:0d:40:ff
Signer

CODE
Size: 688KB - Virtual size: 1.9MB

DATA
Size: 10KB - Virtual size: 28KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 168KB

.rsrc
Size: 34KB - Virtual size: 224KB

.aspack
Size: 114KB - Virtual size: 116KB

.adata
Size: - Virtual size: 4KB