Behavioral task
behavioral1
Sample
ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca.exe
Resource
win10v2004-20240426-en
General
-
Target
ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca
-
Size
2.5MB
-
MD5
f7845cdc953fd06e5c317304066fcc8a
-
SHA1
8491a670b6982a348e368c983558181c05f23d42
-
SHA256
ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca
-
SHA512
4f38be1be20456015771a3f47570b723e59581ebec0fccfc54f92122bd999d1098734bcc6aaa5cd38abf443d5ccc7483085e05c5b4875d62e8e2f4b9ad53a64d
-
SSDEEP
49152:UpdOznmhl0NUzuDbI6ZejlD8mUbeX8LtE+X7GYKbHAm4c:nmhl074VhUbe8xEms
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca
Files
-
ec435b28585152c09eef6bd5b623792b140e55c1df40b056edce24c3ecdc7dca.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 224KB - Virtual size: 516KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 212KB - Virtual size: 392KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 11KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE