c8e0f41c6f75793ba4bc7bc876288ace | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8e0f41c6f75793ba4bc7bc876288ace
Size

878KB
MD5

c8e0f41c6f75793ba4bc7bc876288ace
SHA1

003b1cab48852fccf0f2d592a0fbda8d56edc9ed
SHA256

fb75ea5dc8e41107c424b8b684f6a80ad9e8540fe83715a9f10d70894e4a7385
SHA512

71a563c8702e3990b0a9fcbf46eab14d1d94de8c94378420addc62293673e19a0f7bb82b6dd8680d7562fff25b15d61481355433e4b96cd37904d818727244da
SSDEEP

12288:h07zWNhDnEUNSGZ7uDoffMKZzlzYbwleBYV9wqD7sZP0Ep21gmvImRgW6e5jBkxr:dVEUNSZDo3VBleBYV9w/GJRuEBt0U4

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/tango.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tango.exe

Files

c8e0f41c6f75793ba4bc7bc876288ace
.rar
tango.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 445KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url