b13f84bc9f5f19dcf26db1db9bf81563b2b0521baf00dd7bc64113766047a1e8

Resubmissions

16/04/2024, 09:10

240416-k5gyqafh5x 10

10/08/2023, 03:10

230810-dn241ahd33 10

Sharing

Copy URL

Twitter E-mail

General

Target

b13f84bc9f5f19dcf26db1db9bf81563b2b0521baf00dd7bc64113766047a1e8
Size

1.2MB
MD5

ffb44adf8a042f66ed15e389ddf3d7e6
SHA1

f50c6331acdd4f2bc40fd92d7662687611d539a2
SHA256

b13f84bc9f5f19dcf26db1db9bf81563b2b0521baf00dd7bc64113766047a1e8
SHA512

2ea423dda7bb0aef7d976c9811c7a8dd671715c20719d413fd764785c014f76a6169b665140c7daf43b608d49537c163e4c25a85cc1250ca811ea3c99a5901a9
SSDEEP

24576:AV+L/MfrE93gam5k5EiwVzVaKsI9w2PFwK1YCdftE3xTUwXNyKQ:UfIpgamqoNswHPFwA54TUw9yKQ

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/Trainer.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Trainer.exe

Files

b13f84bc9f5f19dcf26db1db9bf81563b2b0521baf00dd7bc64113766047a1e8
.rar
BG3.AXE
Generated.zip
.zip
Generated/Data/Armor.txt
Generated/Data/BloodTypes.txt
Generated/Data/Character.txt
Generated/Data/Crimes.lsx
.xml
Generated/Data/CriticalHitTypes.txt
Generated/Data/Data.txt
Generated/Data/Interrupt.txt
Generated/Data/ItemColor.txt
Generated/Data/ItemProgressionNames.txt
Generated/Data/ItemProgressionVisuals.txt
Generated/Data/Object.txt
Generated/Data/Passive.txt
Generated/Data/Spell_Projectile.txt
Generated/Data/Spell_ProjectileStrike.txt
Generated/Data/Spell_Rush.txt
Generated/Data/Spell_Shout.txt
Generated/Data/Spell_Target.txt
Generated/Data/Spell_Teleportation.txt
Generated/Data/Spell_Throw.txt
Generated/Data/Spell_Zone.txt
Generated/Data/Status_BOOST.txt
Generated/Data/Status_DEACTIVATED.txt
Generated/Data/Status_DOWNED.txt
Generated/Data/Status_EFFECT.txt
Generated/Data/Status_FEAR.txt
Generated/Data/Status_HEAL.txt
Generated/Data/Status_INCAPACITATED.txt
Generated/Data/Status_INVISIBLE.txt
Generated/Data/Status_KNOCKED_DOWN.txt
Generated/Data/Status_POLYMORPHED.txt
Generated/Data/Status_SNEAKING.txt
Generated/Data/Weapon.txt
Generated/Data/XPData.txt
Generated/Equipment.txt
Generated/ItemCombos.txt
Generated/ItemTypes.txt
Generated/SpellSet.txt
Generated/Structure/Base/ValueLists.txt
Generated/Structure/Modifiers.txt
Generated/TreasureTable.txt
Trainer.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 311KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 147KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 39KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
常见问题.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 311KB - Virtual size: 2.1MB

.rdata Size: 8KB - Virtual size: 28KB

.data Size: 147KB - Virtual size: 392KB

.rsrc Size: 1024B - Virtual size: 64KB

.reloc Size: 39KB - Virtual size: 56KB

.aspack Size: 66KB - Virtual size: 68KB

.adata Size: - Virtual size: 4KB

.text
Size: 311KB - Virtual size: 2.1MB

.rdata
Size: 8KB - Virtual size: 28KB

.data
Size: 147KB - Virtual size: 392KB

.rsrc
Size: 1024B - Virtual size: 64KB

.reloc
Size: 39KB - Virtual size: 56KB

.aspack
Size: 66KB - Virtual size: 68KB

.adata
Size: - Virtual size: 4KB