2222f5a676cdfe718e9103b3790f8a0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2222f5a676cdfe718e9103b3790f8a0a
Size

54KB
MD5

2222f5a676cdfe718e9103b3790f8a0a
SHA1

ea7131f9698047631667ea49d31b26f5aa4ed366
SHA256

2c433c7bef464ddd7f4fb69d056a68eebf1570e8459b10cb38372962511f56ca
SHA512

4d43b32668452466f5dabccc222976765f0eed3a12e18edcd61ea1c7b21e770fe24a3e3023723eedcc32250a1d93109fd9fea17ab0ff51ef59bc247667e09f1e
SSDEEP

768:rWDuVYnGxllZKsUs7T59On/0XUuV7yId2/8HT7me7OyBrdkgI975NG/MTf3iXgbR:rflLtTRByIw0mTyBrdkL5A/23iqDzBh

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/GFRing3.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GFRing3.exe

Files

2222f5a676cdfe718e9103b3790f8a0a
.rar
360还原保护器使用说明.txt
GFCfg.ini
GFRing3.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MJ0011
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url