9c543f0291ebfb9f7606bac6d41ebd8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c543f0291ebfb9f7606bac6d41ebd8d
Size

248KB
MD5

9c543f0291ebfb9f7606bac6d41ebd8d
SHA1

4c74bafce20fbb30456039063c6ddd71eaf155d1
SHA256

980b369a2fd6a8306d4ebb312ef891640b963eebe1505831bc2660cbb8e8f20b
SHA512

78d9180bf0e12c0121047d4605f03b6588d06f2d13f2a7a619867d70e5d70f466266113c61bb3736b2060eedde3976716d67f7dd886d1dec54dda52e56aa3bd4
SSDEEP

6144:jQb7WVQJvLKvv98gWNlPTGQQm6agrdeP:jQbTmmNtTird

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c543f0291ebfb9f7606bac6d41ebd8d

Files

9c543f0291ebfb9f7606bac6d41ebd8d
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

InstallHook1
InstallHook2
UninstallHook

Sections

Size: 73KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE