c1bf32ee755d749408028d7fc3eb246c | Triage

Sharing

General

Target

c1bf32ee755d749408028d7fc3eb246c
Size

73KB
MD5

c1bf32ee755d749408028d7fc3eb246c
SHA1

64321fd06540e30850358c822d6d1dff8c462bad
SHA256

9453db58e0970caabfe9ac7253893191d756cd227e787940d6b933d018015f37
SHA512

236648433670f467fe9663fdc6a26a4ad87f2539c4ab040f1878637fea1077252e13ad61b4a567a521893cfcfd448a0a5964ca93f642d6f8ffe02c6655c2f8af
SSDEEP

1536:kCxKOBJyypgmDzV2NSQ85GdSu62Cnts1LxgUK2:/nyypmMGdSu51eUK2

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1bf32ee755d749408028d7fc3eb246c

Files

c1bf32ee755d749408028d7fc3eb246c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.ASPack
Size: 3808.0MB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASPack
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASPack
Size: - Virtual size: 333B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASPack
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASPack
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ASPack
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ASPack
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ASPack
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ASPack
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE