SecuriteInfo[.]com[.]not-a-virus[.]HEUR[.]RemoteAdmin[.]Win32[.]Conne[.]gen[.]1416[.]17840[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.not-a-virus.HEUR.RemoteAdmin.Win32.Conne.gen.1416.17840.exe
Size

27.3MB
MD5

620f66394c69689cf59777aa25351b34
SHA1

8b1bb96bbf15e7b30402071eec51b622c399a724
SHA256

288a5141311f0a00377a6f97133c852136790a40027f9be14bb10b0fd47aff83
SHA512

e172921ec02dfb82906dc41be244a33b57f3a2d779c4f19660080bb6b09e0bf9b98484d134ee7b11df68c204ea6f7687d05fd0f5eb8ea78748f63e00999314ac
SSDEEP

786432:4XJLqGTpK1geAs5P/VJtDACKJ0kKkD4DG9FzpongU:4ZJQooVPDAEkKo4q9FzAD

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.not-a-virus.HEUR.RemoteAdmin.Win32.Conne.gen.1416.17840.exe

Files

SecuriteInfo.com.not-a-virus.HEUR.RemoteAdmin.Win32.Conne.gen.1416.17840.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept

Sections

.text
Size: 12.4MB - Virtual size: 50.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 64KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 139KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14.7MB - Virtual size: 45.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 12.4MB - Virtual size: 50.3MB

.itext Size: 64KB - Virtual size: 272KB

.data Size: 139KB - Virtual size: 504KB

.bss Size: - Virtual size: 1.1MB

.idata Size: 9KB - Virtual size: 36KB

.didata Size: 6KB - Virtual size: 28KB

.edata Size: 512B - Virtual size: 4KB

.tls Size: - Virtual size: 96B

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 3.7MB

.rsrc Size: 14.7MB - Virtual size: 45.8MB

.aspack Size: 23KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

.text
Size: 12.4MB - Virtual size: 50.3MB

.itext
Size: 64KB - Virtual size: 272KB

.data
Size: 139KB - Virtual size: 504KB

.bss
Size: - Virtual size: 1.1MB

.idata
Size: 9KB - Virtual size: 36KB

.didata
Size: 6KB - Virtual size: 28KB

.edata
Size: 512B - Virtual size: 4KB

.tls
Size: - Virtual size: 96B

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 3.7MB

.rsrc
Size: 14.7MB - Virtual size: 45.8MB

.aspack
Size: 23KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB