8d7d1ca24e4f194af8dc63f3c24eda3ec7ac827c67c24e4b0efb6d5bd07c64a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d7d1ca24e4f194af8dc63f3c24eda3ec7ac827c67c24e4b0efb6d5bd07c64a9
Size

10.0MB
MD5

4fa1f30f9e5ca8396538a33cc7d1a76b
SHA1

a33abfec7b2aa434531ef4464a5101c2f19bac96
SHA256

8d7d1ca24e4f194af8dc63f3c24eda3ec7ac827c67c24e4b0efb6d5bd07c64a9
SHA512

02b14645c2bc9d96023c5a991c1dc04002e29f93c370bb2687395d7bb5488dda5a05994969e5d635f2baa3fc3cc768bccc8bead391b27b66ede02b6e16f55d4c
SSDEEP

196608:zYnw0KWUGNEoiN/A4sstLZ77E5/DW3aEWLsVZJws9wzt3H9M8G/:UnSpGNvKtEEGsVUs9wzl9M8G/

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d7d1ca24e4f194af8dc63f3c24eda3ec7ac827c67c24e4b0efb6d5bd07c64a9

Files

8d7d1ca24e4f194af8dc63f3c24eda3ec7ac827c67c24e4b0efb6d5bd07c64a9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 272KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 615KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE