aspnet80[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aspnet80.exe
Size

708KB
MD5

a7073a3267e29df0e36f16760942c4da
SHA1

9fb42b03685673a6936643673036a0832b90d039
SHA256

599ba59f51a3bb9db2dc7a572df715182d049fefa829e6ff6debdd38d20b7632
SHA512

b7323bc3de45540cec738cf94b87bd6cb942e889126ca9f680731f1899ef95ab90cbd0fa240b562cbb9c9c4d275f29173e85accbfc183a39045e0c70ff358419
SSDEEP

12288:lJFZqYMOaQ0q9nV/zsnK23KHVI6nodVdyMLiqyVcxwtVxgpMiuzOTIfwj7LD5fe:zFZqhOBnVyK23C6OoYMLiVcKtVx4Miu9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aspnet80.exe

Files

aspnet80.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

test
Size: - Virtual size: 988KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 625KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE