569fc85824dea400b31964e49dd7095dbe5a4b9684b25337a1679c21e9dbd151 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

569fc85824dea400b31964e49dd7095dbe5a4b9684b25337a1679c21e9dbd151
Size

2.5MB
MD5

85837f227b35ed051fbe55bbfef7a8dd
SHA1

c7600c99b47650761f865192c10952c4b73bb124
SHA256

569fc85824dea400b31964e49dd7095dbe5a4b9684b25337a1679c21e9dbd151
SHA512

b612ef527df093795111abe90a201db4057f3668fd0c65beb3f59c2b03a08775bc121e05e3bc2ed6f89e7b427d92102f978f4981df8195b5c094b936599ca640
SSDEEP

24576:oevE4yRTOaRhfZ62YZMCQTt3jr1Ug+NJssuTvj2N9QHubrPG2/5a/JwymC9j:o4EJDJeMXTlr+NJ9Ivj2fFDGOMH

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
569fc85824dea400b31964e49dd7095dbe5a4b9684b25337a1679c21e9dbd151

Files

569fc85824dea400b31964e49dd7095dbe5a4b9684b25337a1679c21e9dbd151
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 238KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE