89244fd6f2e32dd98d683bf7d21610faaa9365eb9bdefcc3bbc55c57ddc0bf4b | Triage

Sharing

General

Target

89244fd6f2e32dd98d683bf7d21610faaa9365eb9bdefcc3bbc55c57ddc0bf4b
Size

316KB
MD5

09ae03241862f53c470c7578b6b5f730
SHA1

671fb95d67ecdbf03af23b270585b475e2f5a16e
SHA256

89244fd6f2e32dd98d683bf7d21610faaa9365eb9bdefcc3bbc55c57ddc0bf4b
SHA512

ad679e3a96755e0f1fa541feb7ebe197e15587ae4a1b521889ec68849b6184f48c1fc1197d0dd5e7ac40ebe568bc88e8100e83b2bbd36a1945ce71e6e8b8caf6
SSDEEP

6144:dYacoHZuhLNmvnFB9j/wEFgSko/R5bRUXiIlhMjiJMd:dXco5OLcvFB9j/f6Sko1a7Md

Score

9^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

89244fd6f2e32dd98d683bf7d21610faaa9365eb9bdefcc3bbc55c57ddc0bf4b
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

xChange_User
xClose_File
xClose_Open
xEnd
xInit
xLoad_Params_Email
xLoad_Params_Keys
xLoad_Perm_Block
xOpen_File
xShutdown
xStart_Logger
xStop_Logger

Sections

q�
Size: - Virtual size: 720KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 306KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE