a239249bc9cc0c55eb3401e1c537b340 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a239249bc9cc0c55eb3401e1c537b340
Size

610KB
MD5

a239249bc9cc0c55eb3401e1c537b340
SHA1

46b5c29f26db672af9ff5fac42b21042fa8015fd
SHA256

6b973dabad8237abf0ec0dd8b337541761ef1ce3514313a540fe5eed9a37baf2
SHA512

0e4a517450c7602a1b234a9aba3b90e8911f1eca54b36edeb8bd401e5a9b0dbbd2ee8fc43f488c6957c987f579d6c2fffff8d227765b59dd55713859696ae72a
SSDEEP

12288:Et5+zeX8qaGkKNHgOBOYqxV5wSVNNrN8cXC/vaT+p7KLqtOrvBNrf:EWzA8cNAD5V/3O2Kp7KGtOfrf

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/酷火音乐盒2.0.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/酷火音乐盒2.0.exe

Files

a239249bc9cc0c55eb3401e1c537b340
.rar
新云软件.url
.url
酷火音乐盒2.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 322KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 245KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE