2ec3d3339b8d9c8402e876334b2d99bb5f88ffbba14ab251cb3b363e7f1198e2N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec3d3339b8d9c8402e876334b2d99bb5f88ffbba14ab251cb3b363e7f1198e2N
Size

27KB
MD5

aa930e049a5fd64457255c02f48385d0
SHA1

01708b18d09f01b14460a14dc4744e68458c0f53
SHA256

2ec3d3339b8d9c8402e876334b2d99bb5f88ffbba14ab251cb3b363e7f1198e2
SHA512

b922bc04aa9d8e519f9d2f086497a1ad8c1b54f3d3aaf809d966409b076c6c08e09ffdcc16242ae8065902e1a79f51598e61e0ac0ff4ff6c448d3fc330333d64
SSDEEP

384:IWSsOB5sIygmI97asOce3G3FfwRxxw9nKLkFsygklMvkY5+7Axgr6+e9Pfqbn1:qDB+qme7AN23JwJw9KLaaky8Y/xHha5

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec3d3339b8d9c8402e876334b2d99bb5f88ffbba14ab251cb3b363e7f1198e2N

Files

2ec3d3339b8d9c8402e876334b2d99bb5f88ffbba14ab251cb3b363e7f1198e2N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE