General
Target
gens+.exe
Size
478KB
MD5
ddfe3aaa44e906035f9a4a35cb79259a
SHA1
30f39de538b49e1accfeef5537d6c53e3b2912db
SHA256
24ae7bb69b5174309a61d857dff4fe6b07c97bfd1984d6eaf24c6d3d01752bb1
SHA512
55c7cf210c0bfca603aee91edf9119d61e62f9f2eb31c84618750ea476b780d689bf7a3c0d610831f814e6b7fbbc4127eeaa7b8ba0d03c1a6d2838e85a309654
SSDEEP
12288:hdVZmdDQ9iaHAlyT35Ykt8mA8VU8y0ruDIoxE1:hC4n36kgkU0vox
Malware Config
Signatures
resource yara_rule sample aspack_v212_v242
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource gens+.exe
Files
gens+.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 308KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 34KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 17.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE