b8e1c7dd01abbc0b254942f8dc9e59808d4e4576098a3f36a42ce7d8b2d43b9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e1c7dd01abbc0b254942f8dc9e59808d4e4576098a3f36a42ce7d8b2d43b9f
Size

621KB
MD5

db1b39f3e71d19e87418c6d086ff7b0e
SHA1

71549469eb119ae5187ee5563d3d45baf1f5256f
SHA256

b8e1c7dd01abbc0b254942f8dc9e59808d4e4576098a3f36a42ce7d8b2d43b9f
SHA512

6ae7c15b8fdc178111a68ef354ba2cea5121d72908504b54a1e26220852a10fb1f3600bea7546ff2cd80380066d1b64a8eea13415ccb4b477c1049a622313866
SSDEEP

12288:zcze/iPMFz87TWf/pL1bpFgwM0WI79Vl0+42fVetx:Qe/iEFziu7Hndl342Ytx

Score

9^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

b8e1c7dd01abbc0b254942f8dc9e59808d4e4576098a3f36a42ce7d8b2d43b9f
.dll windows x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Exports

Exports

RunDllHostCallBack
asm_��ڴ�
asm_��ֽڼ��ڴ�
asm_д��ڴ�
��
��
ȡ��

Sections

.text
Size: 308KB - Virtual size: 751KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE