ServiceMain
Behavioral task
behavioral1
Sample
e95afef619c295cedd2ed35ff9541174a4163d7e36edbfc812b9c6b28396b403.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e95afef619c295cedd2ed35ff9541174a4163d7e36edbfc812b9c6b28396b403.dll
Resource
win10v2004-20221111-en
General
-
Target
e95afef619c295cedd2ed35ff9541174a4163d7e36edbfc812b9c6b28396b403
-
Size
487KB
-
MD5
025476f413de2a0e20c5b9e86aa4175b
-
SHA1
a6008ca1cc87aa53f8ff3d7745ff0e66ddb2cb15
-
SHA256
e95afef619c295cedd2ed35ff9541174a4163d7e36edbfc812b9c6b28396b403
-
SHA512
8bb0740abe8b4a2a5e982999d60f513f5115e8c925a460c3707515dfd4d045a97b74c8928be39e08524eff83dcfa3cded3ef44bcbbf3d5b1b631caefa09bec08
-
SSDEEP
6144:0rCCVKvkvNbzf0635xF/AP0C8ZhXxQZk9fJ/S:rGKvGX33N1BZngq/S
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
resource yara_rule sample upx
Files
-
e95afef619c295cedd2ed35ff9541174a4163d7e36edbfc812b9c6b28396b403.dll windows x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
Sections
.UPX1 Size: - Virtual size: 516KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.UPX1 Size: 207KB - Virtual size: 223KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE