799f8fdc25f56238350cafdb0f74d82654377df1ab17afb0ef823de43c2cca4e | Triage

Sharing

General

Target

799f8fdc25f56238350cafdb0f74d82654377df1ab17afb0ef823de43c2cca4e
Size

3.6MB
MD5

2af2c148d7ed2d5167d9c00c081d3e8e
SHA1

f89b88b6ed48e5d8b33b13c61ccef68a94d136b5
SHA256

799f8fdc25f56238350cafdb0f74d82654377df1ab17afb0ef823de43c2cca4e
SHA512

fc077d4909a12a2e1438749fdb1e0d32bf8c89f17aee34aa9e01b8e0e1d0284a2ab655eac7ac19de8e57bc2db7bf995e9e498fd48bc8c9f77ae514ffeca4831a
SSDEEP

98304:cGqDm8/rypVIGPhJEuL2oNOF3076h4nNKvV1+h32fHHF4VA9:cG2m0y3IGEu743iLKvVBHF4A

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
799f8fdc25f56238350cafdb0f74d82654377df1ab17afb0ef823de43c2cca4e

Files

799f8fdc25f56238350cafdb0f74d82654377df1ab17afb0ef823de43c2cca4e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE