47080ed16348b49a0e603196423f748a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47080ed16348b49a0e603196423f748a
Size

50KB
MD5

47080ed16348b49a0e603196423f748a
SHA1

33a2525a2e0ebd724f33410767fd4b6fb4ffe80c
SHA256

d97581261cd812ba458329ac49e6783dfe58ea73a24a1524091e2d8973231dcf
SHA512

785d38bbb31dba6c5221aef223d08cd542e2fc9a74344702c312f99357e0eaf14218392dfd52698dd68a1a446ba86641996c8398d1a4a9b7cb03e50fa806e9bc
SSDEEP

1536:PWp1+m/n/Litt5mmNxjBvu47dxT0NJ1+t:O/7GKmPjBWCvQEt

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47080ed16348b49a0e603196423f748a

Files

47080ed16348b49a0e603196423f748a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE