f2753927ad6a4051319c5b33ada420c262bfde1685d1989a571e1e6d8854989d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2753927ad6a4051319c5b33ada420c262bfde1685d1989a571e1e6d8854989d
Size

45KB
MD5

80725d5329e7c5e7738540d978aeeaf3
SHA1

ae3a30f4aa960f5a102a6bec1226ad2d8fde76be
SHA256

f2753927ad6a4051319c5b33ada420c262bfde1685d1989a571e1e6d8854989d
SHA512

662c36305bed3fc22d5113d093e96edcb0556a5b461450e80f1a74baba58ebf5ce350bdbf3e1fbc2c9fcd5b7d12f216d70f14afc93d88a9500388366fc99a9fa
SSDEEP

768:Ps/VKQejONQJnzETQ8zBqE+97q3tfJ6Kk25/MtGHp/BCds73v3Rlg+:PYIO+JQT3zIE+97GtcKk2NxH3Cdm3vDg

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f2753927ad6a4051319c5b33ada420c262bfde1685d1989a571e1e6d8854989d
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

?ReverseRoutine@@YGHXZ

Sections

UPX0
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ