1dfdd5e0c7f45aaa085f152e7d81d45a3034c1992809322af421f948615cf45b

General

Target

1dfdd5e0c7f45aaa085f152e7d81d45a3034c1992809322af421f948615cf45b
Size

173KB
MD5

f7fecd372cdc481f0fe5b37cd8b06e75
SHA1

080bda91b711db70f2abe554ca8e8914ce3e4557
SHA256

1dfdd5e0c7f45aaa085f152e7d81d45a3034c1992809322af421f948615cf45b
SHA512

87b6aca8bbeb800660fba888fbb5e94a9f1131d7f2ccfa4d8dfdbe489c930fe665017096d2efe02daa890379db93580f756858024e50d4ecf5e299ed93c68909
SSDEEP

3072:wzXX/wvYsFDXMpkiw/vLjUmK+g06ckzerFIMQC4JO4D1vLB:EXIw+G6Ej0kzeIMQC4I4D1vL

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

1dfdd5e0c7f45aaa085f152e7d81d45a3034c1992809322af421f948615cf45b
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

InstallHook
InstallMyDll
UnInstallHook

Sections

UPX0
Size: - Virtual size: 332KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LoadCor
Size: 4KB - Virtual size: 759B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GetLock
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IsVista
Size: 4KB - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RegRead
Size: 4KB - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GetCurW
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 332KB

UPX1 Size: 170KB - Virtual size: 172KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 32KB - Virtual size: 28KB

.LoadCor Size: 4KB - Virtual size: 759B

.GetLock Size: 4KB - Virtual size: 1KB

.IsVista Size: 4KB - Virtual size: 910B

.RegRead Size: 4KB - Virtual size: 128B

.GetCurW Size: 8KB - Virtual size: 4KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 404KB - Virtual size: 409KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

UPX0
Size: - Virtual size: 332KB

UPX1
Size: 170KB - Virtual size: 172KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.LoadCor
Size: 4KB - Virtual size: 759B

.GetLock
Size: 4KB - Virtual size: 1KB

.IsVista
Size: 4KB - Virtual size: 910B

.RegRead
Size: 4KB - Virtual size: 128B

.GetCurW
Size: 8KB - Virtual size: 4KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 404KB - Virtual size: 409KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB