e1900e1e64c730073c74c7bd72ef8f3e | Triage

Sharing

General

Target

e1900e1e64c730073c74c7bd72ef8f3e
Size

176KB
MD5

e1900e1e64c730073c74c7bd72ef8f3e
SHA1

f2a2faf02d532bf9f2c209d349c580f4525ad19a
SHA256

b792a3a2b46072f6c0ef11cc0e0b4366af25a4a43e5a94476b6e387e765a1e25
SHA512

9256d304e6cfb52a070276d026eb86eec713fa6054092e9d977a5b734f240cc8d767f7f1117347fe4c50f516736339e34839d7614fd603eef4d4a797e1cd0722
SSDEEP

3072:Kt5X/FnNDIwTweBhNZAxdJIeQ7hqrw1o98PsMBv3MCmJpJTJOO:Kth9DfKx/8GcsMBvMCmJppIO

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1900e1e64c730073c74c7bd72ef8f3e

Files

e1900e1e64c730073c74c7bd72ef8f3e
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BindIEBrowser
CoolGetVersion
FireCoolPopup
SendSomethingToHookLib
SetHook

Sections

Size: 26KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE