874a5c9f86b67d90dcbc2fa3059796e6f4519b6ac96c6eff6231cf3ec163e745

General

Target

874a5c9f86b67d90dcbc2fa3059796e6f4519b6ac96c6eff6231cf3ec163e745
Size

173KB
MD5

a75e3bff68b5863bc090043eb038974e
SHA1

3e9249b72f91bfab0759925d79ce860b25888506
SHA256

874a5c9f86b67d90dcbc2fa3059796e6f4519b6ac96c6eff6231cf3ec163e745
SHA512

7f04796e940fa0b69a3d9d38e8e31102284242d2dcdb77cac7c8ea9f710677c0388d105f367aa70e4d91d572d0937fed0e7b0319170e892275d723c1f3a36b07
SSDEEP

3072:Fk4s3Oz3eXcgM51WvkdKUtwlZ6YQ4nWpfVIL7sWbP6waxZ8n87Dj:FqOz3evlVUeNEAhr6waz887

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

874a5c9f86b67d90dcbc2fa3059796e6f4519b6ac96c6eff6231cf3ec163e745
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

InstallHook
InstallMyDll
UnInstallHook

Sections

UPX0
Size: - Virtual size: 332KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FindSpc
Size: 4KB - Virtual size: 573B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GetLock
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CreateM
Size: 4KB - Virtual size: 898B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RegWrit
Size: 4KB - Virtual size: 168B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NewRand
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 332KB

UPX1 Size: 170KB - Virtual size: 172KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 32KB - Virtual size: 29KB

.FindSpc Size: 4KB - Virtual size: 573B

.GetLock Size: 4KB - Virtual size: 1KB

.CreateM Size: 4KB - Virtual size: 898B

.RegWrit Size: 4KB - Virtual size: 168B

.NewRand Size: 8KB - Virtual size: 4KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 404KB - Virtual size: 409KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

UPX0
Size: - Virtual size: 332KB

UPX1
Size: 170KB - Virtual size: 172KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 29KB

.FindSpc
Size: 4KB - Virtual size: 573B

.GetLock
Size: 4KB - Virtual size: 1KB

.CreateM
Size: 4KB - Virtual size: 898B

.RegWrit
Size: 4KB - Virtual size: 168B

.NewRand
Size: 8KB - Virtual size: 4KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 404KB - Virtual size: 409KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB