769cef1e0ca8a4b0aa4fe9a8bcd7e145

Sharing

Copy URL

Twitter E-mail

General

Target

769cef1e0ca8a4b0aa4fe9a8bcd7e145
Size

1.6MB
MD5

769cef1e0ca8a4b0aa4fe9a8bcd7e145
SHA1

f73986d92234823eaae1983ddc978b7f4a5d624b
SHA256

b217723d36ea7745e74416e6897471927e466b78ecbbc5d781423c1cf7cb17ee
SHA512

39857e69dfba91bed1253f116aade1757e21c116e71f8866e81b46feeb37d3d8d5ea7cd8a5413e9bb80687255aa06f00b96d9e84fbd9b97d566bc79c57ae98da
SSDEEP

49152:vwmM5bU+tiBjUKpolBNOC5wBMOOa15gOruN6xA5alW8r7:ImwJtQrolXODMWpuNV5WWa7

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/AGERC.DLL	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AGE.EXE
unpack001/AGERC.DLL

Files

769cef1e0ca8a4b0aa4fe9a8bcd7e145
.zip
AGE.EXE
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

_GetClassObject@4

Sections

.always
Size: 1.7MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.smile
Size: 649KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2020
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 487KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 57KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AGERC.DLL
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_CalcSymParams@20
_FindClash@20
_GetEv@20
_GetInstance@0
_GetLand@20
_InitRect@20
_OperateMenu@16
_SetChParams@20
_SetLandEnMvLimit@20
_SetMapEvPN@20
_SetMapEvPX@20
_SetMapEvPY@20
_SetMapHntPN@20
_SetMapHntPX@20
_SetMapHntPY@20
_SetMapLandIdx@20
_SetMapLandPN@20
_SetMapLandPX@20
_SetMapLandPY@20
_SetMapParams@20
_SetMapWallCr@20
_SetMapWallPN@20
_SetMapWallPX@20
_SetMapWallPY@20
_SetMapWallThrough@20
_SetNameLenMax@20
_SetScoutMv@20
_SetScoutMvType@20
_SetScoutMvWait@20
_SetScoutOption@20
_SetScoutSight@20
_SetScoutTrackWait@20
_SetScoutType@20
_SetScoutWallThrough@20
_SetSymBase@20
_SetSymHnt@20
_SetSymScout@20
_SetSymStX@20
_SetSymStY@20
_ShowDialog@12

Sections

Size: 113KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 154KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SYS4INI.BIN
.ps1

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.always Size: 1.7MB - Virtual size: 1.8MB

.smile Size: 649KB - Virtual size: 660KB

.2020 Size: 20KB - Virtual size: 40KB

Size: 2KB - Virtual size: 12KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 487KB - Virtual size: 588KB

Size: 57KB - Virtual size: 68KB

.rsrc Size: 308KB - Virtual size: 9.3MB

Size: 7KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 113KB - Virtual size: 392KB

Size: 14KB - Virtual size: 48KB

Size: 1024B - Virtual size: 2.5MB

Size: 4KB - Virtual size: 8KB

Size: 512B - Virtual size: 4KB

.rsrc Size: 161KB - Virtual size: 384KB

Size: 9KB - Virtual size: 24KB

Size: 4KB - Virtual size: 4KB

.data Size: 154KB - Virtual size: 376KB

.adata Size: - Virtual size: 4KB

.always
Size: 1.7MB - Virtual size: 1.8MB

.smile
Size: 649KB - Virtual size: 660KB

.2020
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 308KB - Virtual size: 9.3MB

.rsrc
Size: 161KB - Virtual size: 384KB

.data
Size: 154KB - Virtual size: 376KB

.adata
Size: - Virtual size: 4KB