General
-
Target
StreamMemFix1.0.asi
-
Size
27KB
-
MD5
f786108b7accebf37dc8c8fd25b563ff
-
SHA1
c9b31bee2e2b9377e319bcad247bff03db68a49a
-
SHA256
ef4b0fa41f332799d656c2c0c2143de5199840811da32b12e690e24e02c044b2
-
SHA512
9149b46cc9280246b405c952b31a8140ec63a7cd094ee63e038ce3a168393538094138a5d78358b4d3269ecce570ea994d8a0448d0b23164ceeb940544708a6b
-
SSDEEP
384:OhvLkR7KUxJhBgxzCpFdVsYdNKhENFp7wj/TTRXMsW0vl3n1gV/gAj/hRQASAxhl:OxkpK2JhjXLsYTKhEF8R8q1sFNxsdeV
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource StreamMemFix1.0.asi
Files
-
StreamMemFix1.0.asi.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 16KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE