cc276f842bb1ec23c992690abd57b3a6

Sharing

Copy URL

Twitter E-mail

General

Target

cc276f842bb1ec23c992690abd57b3a6
Size

4.0MB
MD5

cc276f842bb1ec23c992690abd57b3a6
SHA1

ded2b9207e201831ec96c83608d260dbebacf733
SHA256

b1b2d0d6a42c9e085b54e5f9007eff6eff50f9bec0377e1951eda613fd051495
SHA512

cbbc8b579d37dd2af4021a2f5ff1abe79a7c23d93224aa60826fa1525e02510b1c4455e77270204b776baa7cf15842e1e448dd8a493d2f6814e88a1b4f553577
SSDEEP

98304:GH/eMn6ro0ohfCqYzdyEd8PLbL8Ui13mcAbIbnokvgEubq/c2AJ4:GHEkjfkyEiPLbL8rFmcAUbnlotbqXC4

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/IP修改工具2.74/PCtools.exe	aspack_v212_v242
static1/unpack001/IP修改工具2.74/网络扫描.exe	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IP修改工具2.74/PCtools.exe
unpack001/IP修改工具2.74/网络扫描.exe

Files

cc276f842bb1ec23c992690abd57b3a6
.rar
IP修改工具2.74/JQ.bat
IP修改工具2.74/PCMAC.ini
IP修改工具2.74/PCtools.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 260KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IP修改工具2.74/config.ini
IP修改工具2.74/cs15.JQ
IP修改工具2.74/cs16.JQ
IP修改工具2.74/skins/Project2.res
IP修改工具2.74/skins/iTunes.skn
IP修改工具2.74/skins/macos.skn
IP修改工具2.74/skins/macosNew.skn
IP修改工具2.74/skins/mxp05.skn
IP修改工具2.74/skins/mxp1.skn
IP修改工具2.74/skins/mxp2.skn
IP修改工具2.74/skins/mxp3.skn
IP修改工具2.74/skins/mxp4.skn
IP修改工具2.74/skins/mxskin03.skn
IP修改工具2.74/skins/mxskin1.skn
IP修改工具2.74/skins/mxskin10.skn
IP修改工具2.74/skins/mxskin11.skn
IP修改工具2.74/skins/mxskin12.skn
IP修改工具2.74/skins/mxskin13.skn
IP修改工具2.74/skins/mxskin14.skn
IP修改工具2.74/skins/mxskin15.skn
IP修改工具2.74/skins/mxskin17.skn
IP修改工具2.74/skins/mxskin18.skn
IP修改工具2.74/skins/mxskin19.skn
IP修改工具2.74/skins/mxskin2.skn
IP修改工具2.74/skins/mxskin20.skn
IP修改工具2.74/skins/mxskin21.skn
IP修改工具2.74/skins/mxskin22.skn
IP修改工具2.74/skins/mxskin23.skn
IP修改工具2.74/skins/mxskin24.skn
IP修改工具2.74/skins/mxskin25.skn
IP修改工具2.74/skins/mxskin26.skn
IP修改工具2.74/skins/mxskin27.skn
IP修改工具2.74/skins/mxskin28.skn
IP修改工具2.74/skins/mxskin29.skn
IP修改工具2.74/skins/mxskin30.skn
IP修改工具2.74/skins/mxskin31.skn
IP修改工具2.74/skins/mxskin32.skn
IP修改工具2.74/skins/mxskin33.skn
IP修改工具2.74/skins/mxskin34.skn
IP修改工具2.74/skins/mxskin35.skn
IP修改工具2.74/skins/mxskin8.skn
IP修改工具2.74/skins/mxskin9.skn
IP修改工具2.74/skins/skin0000.skn
IP修改工具2.74/skins/skin0003.skn
IP修改工具2.74/skins/skin0004.skn
IP修改工具2.74/skins/skin0006.skn
IP修改工具2.74/skins/skin0010.skn
IP修改工具2.74/skins/skin0011.skn
IP修改工具2.74/skins/skin0012.skn
IP修改工具2.74/skins/skin0015.skn
IP修改工具2.74/skins/skin0016.skn
IP修改工具2.74/skins/skin0018.skn
IP修改工具2.74/skins/skin0020.skn
IP修改工具2.74/skins/skin0021.skn
IP修改工具2.74/skins/skin0025.skn
IP修改工具2.74/skins/skin0028.skn
IP修改工具2.74/skins/skin0031.skn
IP修改工具2.74/skins/skin0037.skn
IP修改工具2.74/skins/skin0038.skn
IP修改工具2.74/skins/skin0040.skn
IP修改工具2.74/skins/skin0041.skn
IP修改工具2.74/skins/skin0046.skn
IP修改工具2.74/skins/skin0050.skn
IP修改工具2.74/skins/skin0062.skn
IP修改工具2.74/skins/skin0063.skn
IP修改工具2.74/skins/skin0076.skn
IP修改工具2.74/skins/skin0081.skn
IP修改工具2.74/skins/skin0083.skn
IP修改工具2.74/skins/skin0086.skn
IP修改工具2.74/skins/skin0094.skn
IP修改工具2.74/skins/skin0095.skn
IP修改工具2.74/skins/skin0098.skn
IP修改工具2.74/skins/skin0099.skn
IP修改工具2.74/skins/skin0101.skn
IP修改工具2.74/skins/skin0103.skn
IP修改工具2.74/skins/skin0113.skn
IP修改工具2.74/skins/skin0117.skn
IP修改工具2.74/skins/skin0120.skn
IP修改工具2.74/skins/skin0123.skn
IP修改工具2.74/skins/skin0125.skn
IP修改工具2.74/skins/skin0127.skn
IP修改工具2.74/skins/skin0151.skn
IP修改工具2.74/skins/skin0153.skn
IP修改工具2.74/skins/skin0165.skn
IP修改工具2.74/skins/skin0171.skn
IP修改工具2.74/skins/skin0188.skn
IP修改工具2.74/skins/skin0196.skn
IP修改工具2.74/skins/skin0204.skn
IP修改工具2.74/skins/skin0217.skn
IP修改工具2.74/skins/skin0224.skn
IP修改工具2.74/skins/skin0225.skn
IP修改工具2.74/skins/skin0227.skn
IP修改工具2.74/skins/skin0230.skn
IP修改工具2.74/skins/skin0237.skn
IP修改工具2.74/skins/skin0243.skn
IP修改工具2.74/skins/skin0246.skn
IP修改工具2.74/skins/skin0256.skn
IP修改工具2.74/skins/skin0264.skn
IP修改工具2.74/skins/skin0273.skn
IP修改工具2.74/skins/skin0279.skn
IP修改工具2.74/skins/skin0281.skn
IP修改工具2.74/skins/skin0297.skn
IP修改工具2.74/skins/skin0316.skn
IP修改工具2.74/skins/skin0338.skn
IP修改工具2.74/skins/skin0357.skn
IP修改工具2.74/skins/skin0368.skn
IP修改工具2.74/skins/skin0377.skn
IP修改工具2.74/skins/skin0383.skn
IP修改工具2.74/新云软件.url
.url
IP修改工具2.74/版本说明.txt
IP修改工具2.74/网络扫描.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 186KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IP修改工具2.74/说明.txt
IP修改工具2.74/配置.ini

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 260KB - Virtual size: 652KB

DATA Size: 3KB - Virtual size: 12KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 40KB

.rsrc Size: 28KB - Virtual size: 64KB

.aspack Size: 8KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 186KB - Virtual size: 460KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 36KB

.rsrc Size: 13KB - Virtual size: 48KB

.aspack Size: 7KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 260KB - Virtual size: 652KB

DATA
Size: 3KB - Virtual size: 12KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 40KB

.rsrc
Size: 28KB - Virtual size: 64KB

.aspack
Size: 8KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 186KB - Virtual size: 460KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 36KB

.rsrc
Size: 13KB - Virtual size: 48KB

.aspack
Size: 7KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB