831c89f059d3f9ccba0ac0f7cabe5c17f74ca2302910d13b9bd97f685f5ca8cc

Sharing

Copy URL

Twitter E-mail

General

Target

831c89f059d3f9ccba0ac0f7cabe5c17f74ca2302910d13b9bd97f685f5ca8cc
Size

8.2MB
MD5

11546f596db48872a0a2b1a3fead81cd
SHA1

3ce82b6b878fd895552503b84b32a8e44b2a1c2a
SHA256

831c89f059d3f9ccba0ac0f7cabe5c17f74ca2302910d13b9bd97f685f5ca8cc
SHA512

0a31ffaa1a7b7706b20bd817151751050e314f343032e30b97f78da071db7cf20411630d3aa19399fdc2421bde1fb6026ada78e636fb9a0cc2f4851b36c36dd4
SSDEEP

196608:Sb1tKuVZjg+d1/dMHunQNjStO04jCqxeXwiW5MUPThLXPwmt5oV:KHFH1VqBNjStO0ExQfQZhLXRoV

Score

10^/10

aspackv2

Malware Config

Signatures

Detects executables packed with ASPack 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_ASPack

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
831c89f059d3f9ccba0ac0f7cabe5c17f74ca2302910d13b9bd97f685f5ca8cc

Files

831c89f059d3f9ccba0ac0f7cabe5c17f74ca2302910d13b9bd97f685f5ca8cc
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
madTraceProcess

Sections

.text
Size: 5.1MB - Virtual size: 16.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 28KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 135KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 403KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 5.1MB - Virtual size: 16.5MB

.itext Size: 28KB - Virtual size: 80KB

.data Size: 135KB - Virtual size: 292KB

.bss Size: - Virtual size: 236KB

.idata Size: 11KB - Virtual size: 44KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 403KB - Virtual size: 1.1MB

.rsrc Size: 2.6MB - Virtual size: 7.2MB

.aspack Size: 8KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 5.1MB - Virtual size: 16.5MB

.itext
Size: 28KB - Virtual size: 80KB

.data
Size: 135KB - Virtual size: 292KB

.bss
Size: - Virtual size: 236KB

.idata
Size: 11KB - Virtual size: 44KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 403KB - Virtual size: 1.1MB

.rsrc
Size: 2.6MB - Virtual size: 7.2MB

.aspack
Size: 8KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB