8162de62bc0c041297c6f2e0501247189a06bf8a98b1157ad6387bfa25f931e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8162de62bc0c041297c6f2e0501247189a06bf8a98b1157ad6387bfa25f931e0
Size

63KB
MD5

dc9ebb46915376674178daa1844f07b6
SHA1

96635b7a1a12488f09a562136c6b4e9571929d9c
SHA256

8162de62bc0c041297c6f2e0501247189a06bf8a98b1157ad6387bfa25f931e0
SHA512

7ed2d1bdd7578edbcf4e7a80081473dbdb61601ed34c06c43162ff329c28c6b4761a0dc9f24d294511f1f0dbdfe47af9713606614fedc2f3595169b96d70795f
SSDEEP

1536:+K7XgRkdHF8s45LCS2TsgN4omsLKAxA/hILUxeSh/exNB:+KokdF8P5LGsgNvp7xexlhm3B

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/DHTMLAccess.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/DHTMLAccess.dll	upx

Files

8162de62bc0c041297c6f2e0501247189a06bf8a98b1157ad6387bfa25f931e0
.cab
DHTMLAccess.dll
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ManageMC
Navigate
SpecialFunc

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DHTMLAccess.inf