75c6e3caba081a08935c07056a8fae793363ceb34630bb24ae2a53173b0f2c41

Sharing

Copy URL Twitter E-mail

General

Target

75c6e3caba081a08935c07056a8fae793363ceb34630bb24ae2a53173b0f2c41
Size

4.3MB
MD5

1c78953f4f573a80c0727e0880331d90
SHA1

feb11f4ff301a82e0c9ea827934fe36c5e2d8b4b
SHA256

75c6e3caba081a08935c07056a8fae793363ceb34630bb24ae2a53173b0f2c41
SHA512

c11e3e32c288b6a258a89427cd285ebb609e83cc10e93fa938d7ee5d6797f28a03b7148ade9bf1f26769ffbd86b4ef24509b599330482e916d09e34bfae2f74a
SSDEEP

98304:jAgSiVyqXL4Y0JZBVVWpUpuaUR8OaYoJ3Vs+JHB:jTSKDXLr0Jjv28W8OCssHB

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

75c6e3caba081a08935c07056a8fae793363ceb34630bb24ae2a53173b0f2c41
.exe windows:4 windows x86 arch:x86

Code Sign

33:4a:e8:f8:de:e6:75:55:b1:59:68:29:5a:72:23:b9
Certificate

Issuer

CN=QiShi(Shenzhen) Company Limited,ST=Hubei,C=China,1.2.840.113549.1.9.1=#0c103736333739373232334071712e636f6d

Not Before

24/12/2021, 11:19

Not After

24/12/2040, 16:00

Subject

CN=QiShi(Shenzhen) Company Limited,ST=Hubei,C=China,1.2.840.113549.1.9.1=#0c103736333739373232334071712e636f6d

8a:03:d1:1f:23:09:0f:86:d1:07:30:d7:6f:ad:20:69:d4:44:1b:36
Signer

Actual PE Digest

8a:03:d1:1f:23:09:0f:86:d1:07:30:d7:6f:ad:20:69:d4:44:1b:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 608KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 412KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 437KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

33:4a:e8:f8:de:e6:75:55:b1:59:68:29:5a:72:23:b9Certificate

8a:03:d1:1f:23:09:0f:86:d1:07:30:d7:6f:ad:20:69:d4:44:1b:36Signer

Headers

File Characteristics

Sections

.text Size: 608KB - Virtual size: 2.1MB

.rdata Size: 412KB - Virtual size: 864KB

.data Size: 437KB - Virtual size: 1.5MB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.aspack Size: 23KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

33:4a:e8:f8:de:e6:75:55:b1:59:68:29:5a:72:23:b9
Certificate

8a:03:d1:1f:23:09:0f:86:d1:07:30:d7:6f:ad:20:69:d4:44:1b:36
Signer

.text
Size: 608KB - Virtual size: 2.1MB

.rdata
Size: 412KB - Virtual size: 864KB

.data
Size: 437KB - Virtual size: 1.5MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.aspack
Size: 23KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB