4280c687b499ab9199a0922e9ac65c40

Sharing

Copy URL Twitter E-mail

General

Target

4280c687b499ab9199a0922e9ac65c40
Size

447KB
MD5

4280c687b499ab9199a0922e9ac65c40
SHA1

6170903329b2c8793e9351716e5b44951e2d221f
SHA256

19e4809382b97b1d9bcfd02c5983dd71206e7a85f4077f3a3ab07fa1892117ea
SHA512

0122eae505be79f2ffc7248f099366e1752225e2f98def49c9bf79dd18eea2d1d2956bbddd05f416048f9cd82349853c7ae2376bc8de288448264baeebdef81b
SSDEEP

6144:nK7CEPsXjFh/6TYqCln+XhVSgQstxYk31V2YA5bXuSKzeSeauwzDaZUVJhHL:czUnsXC+X3Sby1eeteSbzDaZKzL

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/极品公交时刻表/JPSK_Bus.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/极品公交时刻表/JPSK_Bus.exe

Files

4280c687b499ab9199a0922e9ac65c40
.rar
极品公交时刻表/JPSK_Bus.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 249KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
极品公交时刻表/JpBus.ini
极品公交时刻表/JpCitys.ini
极品公交时刻表/JpbDll/beijing.dll
极品公交时刻表/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 249KB - Virtual size: 656KB

DATA Size: 4KB - Virtual size: 12KB

BSS Size: - Virtual size: 3.1MB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 48KB

.rsrc Size: 39KB - Virtual size: 184KB

.aspack Size: 19KB - Virtual size: 20KB

.adata Size: - Virtual size: 4KB

CODE
Size: 249KB - Virtual size: 656KB

DATA
Size: 4KB - Virtual size: 12KB

BSS
Size: - Virtual size: 3.1MB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 48KB

.rsrc
Size: 39KB - Virtual size: 184KB

.aspack
Size: 19KB - Virtual size: 20KB

.adata
Size: - Virtual size: 4KB