20d396e2d8d43a6b053772e4c0d604ebb605fb8458c421bd70a05bc95925762a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20d396e2d8d43a6b053772e4c0d604ebb605fb8458c421bd70a05bc95925762a
Size

369KB
MD5

7c3d09be0e46af7b3c8287f2b14620ff
SHA1

615acb59d092b7d58495ab0beef8e118b536e3f9
SHA256

20d396e2d8d43a6b053772e4c0d604ebb605fb8458c421bd70a05bc95925762a
SHA512

cf41fd4988a614ee50f81f854d873f7d568b6bc73b0b9dca2ba57f353971538ba3b79889571b855fc78d0ea9e244fba49eb20730da2c44b7b3721322da48860d
SSDEEP

6144:aHWht6AEwvfhQJe3eYbl0wtcE1kkdBkw6cXzI+tcQW6B6K0kfKN7eTu1lYXGWKa6:AWiAxfhZugl0m1k6zjz1cBkG7eTuXj/0

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20d396e2d8d43a6b053772e4c0d604ebb605fb8458c421bd70a05bc95925762a

Files

20d396e2d8d43a6b053772e4c0d604ebb605fb8458c421bd70a05bc95925762a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 289KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE