CancelDll
LoadDll
Behavioral task
behavioral1
Sample
94919b7da0245fd567233185796cf29396602f4bd400a32a7a635c62fce5579b.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
94919b7da0245fd567233185796cf29396602f4bd400a32a7a635c62fce5579b.dll
Resource
win10v2004-20220812-en
Target
94919b7da0245fd567233185796cf29396602f4bd400a32a7a635c62fce5579b
Size
74KB
MD5
f51428bbfdf9d2a48fc83fd8ce332836
SHA1
9da05cf8e38a885826d8174c2886b863a1735259
SHA256
94919b7da0245fd567233185796cf29396602f4bd400a32a7a635c62fce5579b
SHA512
8eef4e6e99ea52c00e2f7a249dba7a5e9fed8d108e841054a35ef687f456ad56cb25c72fd59df23a583ad10b4eda238c40a46a528e008b0fef2da58841e86c6d
SSDEEP
1536:L8NXippOCG255HsGTgnjkI5EPboHJFeXLx76gKOz806:4Ny6CG255Hlgjz5EU/oEhF
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
CancelDll
LoadDll
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ