14fbdc1fb993232e6fd373d2fd52bed3

Sharing

Copy URL Twitter E-mail

General

Target

14fbdc1fb993232e6fd373d2fd52bed3
Size

969KB
MD5

14fbdc1fb993232e6fd373d2fd52bed3
SHA1

6d02738cb58715e04c877848d3d81676b56140a8
SHA256

ae2399ecdc9f14e95fa4e0d82d985d5914509fe79cb6c4dc35c4bfcf7b75712e
SHA512

fc4fe17a7e7512e70523cd0753a968ed6f888858ec0df1040d21270c8c7d3b01f5a635be3f59b08b1de93230b7b68d6d685ecee6ce918074cab0cd4798da2ddd
SSDEEP

24576:mXnq4IBlyiUhpJb41httfpaLvKKW0lMDV:0q4NPhpJk1HtfyoVp

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/JobAssistant.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JobAssistant.exe

Files

14fbdc1fb993232e6fd373d2fd52bed3
.rar
Data/EMailList.dat
Data/EMailList.idx
Data/Favorites.dat
Data/Favorites.idx
Data/FavoritesFolder.dat
Data/FavoritesFolder.idx
Data/JobList.dat
Data/JobList.idx
Data/下载说明.htm
.html .js polyglot
JobAssistant.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 854KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
JobAssistant.ini
License.txt
Resume/下载说明.htm
.html .js polyglot
Template/templatehead.txt
.html
Template/下载说明.htm
.html .js polyglot
history.txt
info.txt
jf_snap.jpg
.jpg
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 854KB - Virtual size: 2.6MB

DATA Size: 14KB - Virtual size: 44KB

BSS Size: - Virtual size: 44KB

.idata Size: 5KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 184KB

.rsrc Size: 43KB - Virtual size: 228KB

.aspack Size: 32KB - Virtual size: 32KB

.adata Size: - Virtual size: 4KB

CODE
Size: 854KB - Virtual size: 2.6MB

DATA
Size: 14KB - Virtual size: 44KB

BSS
Size: - Virtual size: 44KB

.idata
Size: 5KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 184KB

.rsrc
Size: 43KB - Virtual size: 228KB

.aspack
Size: 32KB - Virtual size: 32KB

.adata
Size: - Virtual size: 4KB