037010d7aa66d8b8e0813b9c9bb28d40N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

037010d7aa66d8b8e0813b9c9bb28d40N.exe
Size

313KB
MD5

037010d7aa66d8b8e0813b9c9bb28d40
SHA1

9fca198df56283f0fa558a119d6dd05cc1bb34e3
SHA256

cd2e431cae27a2756244e6afaed890231a4e871356429e3887df90f472c7431c
SHA512

d1399ce4987c90db46948a98fbbfe7a737bbae0d1c7fccc97db8d2815bcc0cb6f31e23a4245abc2f00d6b6c195e79f2fd3dd78279af026622f5701a25823ba24
SSDEEP

6144:l+Q8LKgUW9f12bo3lwxDHY3ThtL5jIPBpVTzDqHVVdEFP5VgP6y+Bu:p8Ldn2bo6xrUTPL5jgZG1C5C5+Bu

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
037010d7aa66d8b8e0813b9c9bb28d40N.exe

Files

037010d7aa66d8b8e0813b9c9bb28d40N.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 235KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE