4bc187f1b63d855199f68400dbe0ea126522d83f84a902c5187d945e8a91412f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bc187f1b63d855199f68400dbe0ea126522d83f84a902c5187d945e8a91412f
Size

2.5MB
MD5

e34a4b757eeec10796b946fe1cfad54b
SHA1

858f9f2d128fb2f2858e77a02aa8dfc33ee65324
SHA256

4bc187f1b63d855199f68400dbe0ea126522d83f84a902c5187d945e8a91412f
SHA512

3667fd3bec2d90d7aaa3da55cdcfa951efa4d71eb4800c10c859e6babf2b3f970f4081852dcfbd2968274204980d97bd00efc116b2831169ffd404ab32b92503
SSDEEP

49152:UC//uWdNygBfNyn+5VK6qD1Ayc3HJVhV+NogcdGtSTXszbFV6OX/+pXor:v7NVNY6LHJB+No+s+FgOsXor

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bc187f1b63d855199f68400dbe0ea126522d83f84a902c5187d945e8a91412f

Files

4bc187f1b63d855199f68400dbe0ea126522d83f84a902c5187d945e8a91412f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 191KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack
.data
.rdata
.rsrc/BITMAP/133
.rsrc/DIALOG/102
.text