5853a79e98e0d248fcdb6f3bcba12eee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5853a79e98e0d248fcdb6f3bcba12eee
Size

623KB
MD5

5853a79e98e0d248fcdb6f3bcba12eee
SHA1

1035fab39fd434a1019bf14f21a037742040f3d1
SHA256

618b4074ff0e7721e48ae5590e02b59468de7d187d6d42b553e29319c4ef9940
SHA512

b5f7de7874c2a64f3f71e8f34c0d7842daf2b303190d7ff74a5cd486cebc1aa73e8800a6f9e69630e1c9f9f5c8512b000b4a2a4c1ab01ba05d7fde883eb828da
SSDEEP

12288:0lQA7LI1BrqO1v7HtOQaeRH0UtFF3Z4mxxyWU3DFDQ6UxtF60:0lxcqO1vTjvFQmX1U3DdlU3j

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5853a79e98e0d248fcdb6f3bcba12eee

Files

5853a79e98e0d248fcdb6f3bcba12eee
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE