Behavioral task
behavioral1
Sample
c00f7148d142c51873824a84ddb54db11207d7a117d369234e4961560e7ba924.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c00f7148d142c51873824a84ddb54db11207d7a117d369234e4961560e7ba924.dll
Resource
win10v2004-20221111-en
General
-
Target
c00f7148d142c51873824a84ddb54db11207d7a117d369234e4961560e7ba924
-
Size
98KB
-
MD5
7627ca746a0b46c60845a56b0d35102e
-
SHA1
4f3cfd772612be2981b7422368003d59862d9745
-
SHA256
c00f7148d142c51873824a84ddb54db11207d7a117d369234e4961560e7ba924
-
SHA512
fffe5f268b8d99627dcc9347b39fd9fa42b6b0317d9f07717ab6f3a30c3c71c2839a50b17b2cb0d6f8c8ba606f2fc581214e8c2fbe842688b3f6b8db22e9ac85
-
SSDEEP
3072:dbP7q6atkdWb7CWUcL3zWkcj4IoJIu0V0:dbPNKkwDTac8S
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
resource yara_rule sample upx
Files
-
c00f7148d142c51873824a84ddb54db11207d7a117d369234e4961560e7ba924.dll windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 96KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 68KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE