56c3074b99f2f56f4c7cdbb965275201 | Triage

Sharing

General

Target

56c3074b99f2f56f4c7cdbb965275201
Size

291KB
MD5

56c3074b99f2f56f4c7cdbb965275201
SHA1

1a34dc13d07029da842646fde04ac4d0233db2ff
SHA256

87527e74e1607aaf71806c1be33891fc5105c32af2461b5a21f359fe2caec466
SHA512

edfbe8616928882b37f890d3c539d23a8f73975339d0678ce825e9764f6055c99ed4b1ae9016627ff6d3e3b36d0bd27bd6f6164b51a6752353facfdfd14461f1
SSDEEP

6144:2b56D/uPZiLyBefO+/S47ElaGGu7Po0w2nM+mSQ9CfN76zO7xhCA:oprRc7ETzo0w2MfiN7AO7DCA

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/QQLog.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQLog.exe

Files

56c3074b99f2f56f4c7cdbb965275201
.cab
QQLog.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 94KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE