4480799b4dd991f391097a18897ee015[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

4480799b4dd991f391097a18897ee015.bin
Size

3.0MB
MD5

4480799b4dd991f391097a18897ee015
SHA1

55104a251a07c38c01335dd707bef5d275b98387
SHA256

d6fc103d676f1544e9ba9f2229cc2a3d1d6db7bbb5441b3571089f3689a42f8f
SHA512

7cad1849a31dccd0efc656e7442079c7dd8c4060037c6db985e516ba4d9807dd69a4e790d64c72acea26ee5a16ac1f8c5b4cbb70967ec112c160b660e4fd0a73
SSDEEP

49152:Yn1CLPc5tXFRaIAvV4wffUxppunuy6Bx8NxDEW/CJi03WI9oG15OkjetiRJA:5z0LbwVPfk5y6BU+WL03WY15OrYA

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/bankcalc/UpData.exe	aspack_v212_v242
static1/unpack001/bankcalc/bankcalc.exe	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bankcalc/UpData.exe
unpack001/bankcalc/bankcalc.exe

Files

4480799b4dd991f391097a18897ee015.bin
.rar
bankcalc/UpData.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 179KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bankcalc/bankcalc.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 402KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bankcalc/bankcalc.ini
bankcalc/calc.mdb
bankcalc/help.chm
.chm
bankcalc/list.bak
.xls .bak windows office2003
bankcalc/readme.txt
bankcalc/skin/1.skn
bankcalc/skin/10.skn
bankcalc/skin/11.skn
bankcalc/skin/12.skn
bankcalc/skin/13.skn
bankcalc/skin/14.skn
bankcalc/skin/15.skn
bankcalc/skin/16.skn
bankcalc/skin/17.skn
bankcalc/skin/18.skn
bankcalc/skin/19.skn
bankcalc/skin/2.skn
bankcalc/skin/20.skn
bankcalc/skin/21.skn
bankcalc/skin/22.skn
bankcalc/skin/23.skn
bankcalc/skin/24.skn
bankcalc/skin/25.skn
bankcalc/skin/26.skn
bankcalc/skin/3.skn
bankcalc/skin/4.skn
bankcalc/skin/5.skn
bankcalc/skin/6.skn
bankcalc/skin/7.skn
bankcalc/skin/8.skn
bankcalc/skin/9.skn
bankcalc/ver.ini

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 179KB - Virtual size: 448KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 36KB

.rsrc Size: 10KB - Virtual size: 48KB

.aspack Size: 21KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 1.2MB - Virtual size: 3.6MB

DATA Size: 15KB - Virtual size: 44KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 320KB

.rsrc Size: 402KB - Virtual size: 2.2MB

.aspack Size: 138KB - Virtual size: 140KB

.adata Size: - Virtual size: 4KB

CODE
Size: 179KB - Virtual size: 448KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 36KB

.rsrc
Size: 10KB - Virtual size: 48KB

.aspack
Size: 21KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 1.2MB - Virtual size: 3.6MB

DATA
Size: 15KB - Virtual size: 44KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 320KB

.rsrc
Size: 402KB - Virtual size: 2.2MB

.aspack
Size: 138KB - Virtual size: 140KB

.adata
Size: - Virtual size: 4KB