8311285c0c9927d220885bb66e0a6f4b3d4400ed25b8dd916529acc55ad06dc0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8311285c0c9927d220885bb66e0a6f4b3d4400ed25b8dd916529acc55ad06dc0
Size

12.6MB
MD5

0df6f11f53f3151b7ef16e4f13c1a409
SHA1

849ca3a0a1673ea98c792648513795f3fbbe5df8
SHA256

8311285c0c9927d220885bb66e0a6f4b3d4400ed25b8dd916529acc55ad06dc0
SHA512

fd5371387a92ab75608b08a2125b99faa363979238dc9c29b66d667cda4551c66aa9914d18130391d23380f631a88ea5048c3d721b4bcf1d63600c66c34a6691
SSDEEP

196608:g0CAhj5xHqjExqt9VIVnIo0S9HcSHKE3GimxMeWar+Tj+cm25D+aWx1P5v7wpyzU:HhjCjdGJr98kKuaxMLaej7m25Sak5cD

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8311285c0c9927d220885bb66e0a6f4b3d4400ed25b8dd916529acc55ad06dc0

Files

8311285c0c9927d220885bb66e0a6f4b3d4400ed25b8dd916529acc55ad06dc0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 571KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11.9MB - Virtual size: 23.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE