DAMN NFO Viewer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DAMN NFO Viewer.exe
Size

96KB
MD5

efa24437be6d307a7aeec819f30ee1f5
SHA1

71047fe016cf9108ccbe31f99aacf68eddca4982
SHA256

715ef430ccd7f23e2b062833f603fbe769ff39779a7d4b6a4f5e620cbabb63a5
SHA512

09c9d43c29b9ed4552fe9de1bdaa435511647af519a7986c6cc18f520b3c7ad26e9c86d68739a1176112d54b66358bfad4dc8c1b78b5a361ef46263296cc455c
SSDEEP

1536:h+0CFMPWa7Q1p6BgIAG+NHeWj6nby1X3y4Gia5888dVmuGA5:h+P6PW2lgZLewHy1i6888dks5

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DAMN NFO Viewer.exe

Files

DAMN NFO Viewer.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 34KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DAMN
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE