b3fb347fc889ffaf3447d5dd6a52a673 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3fb347fc889ffaf3447d5dd6a52a673
Size

279KB
MD5

b3fb347fc889ffaf3447d5dd6a52a673
SHA1

8da19fa0d7f32daf851627c13ae12949606f0474
SHA256

40fe1056aeb7ee291f0851c075323241e0a39814b84b592f39c557dd2bc08f3e
SHA512

336ea147ea4acee560571f6af9b1aeed3d45fb9e9652821b519b381075264c4d5f81ab1af8427d40ec01455e95ee7a38ba9a56938d1f60b1b924b2ccb4f12862
SSDEEP

6144:GqocDxK96ulHuBzUU9J2R1zjo+Zeq04/HHIQXTbDlRv+5XlFxLL:G384puAR1zjzQq5ZXTPfW5lX

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3fb347fc889ffaf3447d5dd6a52a673

Files

b3fb347fc889ffaf3447d5dd6a52a673
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 73KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 198KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE