Behavioral task
behavioral1
Sample
43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e.exe
Resource
win10v2004-20240611-en
General
-
Target
43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e
-
Size
1.2MB
-
MD5
1d983c48e8ef0a911041ede8ddf3cd51
-
SHA1
7f089a81c843a56c303b9e1b8c524288a8292110
-
SHA256
43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e
-
SHA512
658fce68cdfb05895f95262c6a33377c49abf56c4d15cff878b496dd45829303b6304708d9c12bb40a0622a8b8c72b48712cf9ec88a68ee6b55d6d45a8cfc791
-
SSDEEP
24576:rSa115dayyq7D7nL6ypYUxFNIyJOugSzpFF8Qjs5wLFnJhSXbYU4QR+fvDgYqA4l:eheD7OY56HSzp4Qj5FnJ+eQR+nDgpl
Malware Config
Signatures
-
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e
Files
-
43da823d73ed4e846da052a10c7eb02f983161239fa52d10e161965b879d628e.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 237KB - Virtual size: 496KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 929KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 21KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE