a3b81eee0491ab7ba5d3036b02091e29

Sharing

Copy URL Twitter E-mail

General

Target

a3b81eee0491ab7ba5d3036b02091e29
Size

250KB
MD5

a3b81eee0491ab7ba5d3036b02091e29
SHA1

6acb7e322e92f2cd7a651080c9fb8aca191b4beb
SHA256

41c02d31d71d1f3edbc287c9cd9c6d8a121f81da5f093ec1e6a339e67f84d32a
SHA512

ac250887c7bba0480b55c5527ff5738da2e1b83c572c2c92ff5df7177131ba065a85cc323eaa40be5152c24363ebed8015647e72463058a74f4f053205f7b81d
SSDEEP

6144:rSVvsRNoUQl415inYis+AZrEZeJv48b99madpaSi:rjRKUj15sXstZHv3B9mUpap

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ASPack/ASPack.exe
unpack001/ASPack/uninstal.exe

Files

a3b81eee0491ab7ba5d3036b02091e29
.zip
ASPack/ASPACK.HLP
ASPack/ASPack.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 111KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ass
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ASPack/Chinese BIG5.ini
ASPack/Chinese GB.ini
ASPack/English.ini
ASPack/Options.ini
ASPack/Russian.ini
ASPack/uninstal.exe
.exe windows:4 windows x86 arch:x86

03f0b3f18ffe76449ee9208f70ba69e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryA
ReadFile
WaitForSingleObject
CreateProcessA
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
DeleteFileA
SetFileAttributesA
FindClose
GetShortPathNameA
RemoveDirectoryA
FindFirstFileA
lstrcatA
CreateFileA
MoveFileExA
SetCurrentDirectoryA
CopyFileA
SetFilePointer
GetWindowsDirectoryA
GetCurrentDirectoryA
GetTempPathA
lstrcpyA
InterlockedIncrement
GetModuleHandleA
GetFileSize
ExitProcess
VirtualFree
VirtualAlloc
CompareStringA
GetFileAttributesA
lstrlenA
FindNextFileA
GetModuleFileNameA

user32

LoadIconA
GetWindowLongA
SetWindowTextA
CharToOemA
ShowWindow
EndDialog
FindWindowA
SetClassLongA
SendMessageA
DialogBoxParamA
SetWindowPos
SetDlgItemTextA
GetDlgItem
EnableWindow
PostMessageA
SendDlgItemMessageA
wvsprintfA
MessageBoxA
wsprintfA
GetWindowRect

gdi32

RemoveFontResourceA

advapi32

RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA

shell32

SHChangeNotify

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ASPack/uninstal.ini

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 111KB - Virtual size: 264KB

Size: 3KB - Virtual size: 8KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 8KB

Size: 6KB - Virtual size: 8KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: - Virtual size: 16KB

.rsrc Size: 22KB - Virtual size: 96KB

.ass Size: 58KB - Virtual size: 60KB

.adata Size: 11KB - Virtual size: 32KB

03f0b3f18ffe76449ee9208f70ba69e7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 512B - Virtual size: 4B

.data Size: 512B - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 1KB

.Shared Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 29KB

.rsrc
Size: 22KB - Virtual size: 96KB

.ass
Size: 58KB - Virtual size: 60KB

.adata
Size: 11KB - Virtual size: 32KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 512B - Virtual size: 4B

.data
Size: 512B - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 1KB

.Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 29KB