9acb2b5f01e3c5c60399ab842856d06b24d37acb78f1af778afd720565f8bbda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9acb2b5f01e3c5c60399ab842856d06b24d37acb78f1af778afd720565f8bbda
Size

418KB
MD5

422ace031bd058404f310731c16218ad
SHA1

bcad39aef2faf890d1a9cd4a5b5d4312c061afb1
SHA256

9acb2b5f01e3c5c60399ab842856d06b24d37acb78f1af778afd720565f8bbda
SHA512

83e7798c9a42049fa4aaf75f6f37780f0ac58858f6d384fa6eab5e8564e80c28064c3fb923599fc75175c8a21c413e8f120f2ac3495f3355f2aa0e4efa640e75
SSDEEP

12288:ibbZtcvdX5KAQ5osHTGUF7gcCPu118UvBp94exSTDl:ibbZtudXAAY9RJCPu78ereRl

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9acb2b5f01e3c5c60399ab842856d06b24d37acb78f1af778afd720565f8bbda
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

?LoadJpeg@@YG?AW4FSERR@@PBDPAUIMAGE@@@Z
EditHhCtrlObject
EditHhCtrlScript
FreeFilterDIB
HHA_CompileHHP
LoadFilterImage

Sections

UPX0
Size: - Virtual size: 424KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 410KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 391KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ