Install
SendMessage
StartDevice
StartHook
StopHook
Uninstall
Behavioral task: behavioral1
Sample: 112bdc9b9a88e11e6b28d14c0d00333c3bb83635bfc02f6c112c789e25082dd6.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 112bdc9b9a88e11e6b28d14c0d00333c3bb83635bfc02f6c112c789e25082dd6.dll
Resource: win10v2004-20230220-en
Target: 112bdc9b9a88e11e6b28d14c0d00333c3bb83635bfc02f6c112c789e25082dd6
Size: 355KB
MD5: bfb33648fbf08a10f0bbcbdca407886c
SHA1: 5b808087688b7d3d62ee4853190a4dcfea7b3180
SHA256: 112bdc9b9a88e11e6b28d14c0d00333c3bb83635bfc02f6c112c789e25082dd6
SHA512: c4814a9866cad30151dcdbfb55ce04af93ce7770d697a472267f0b3e89453f8aa29c44fa4009c5a3a2346bda6cfd9c6f2449402ad02c6410d7862848c0c26405
SSDEEP: 6144:6kNoxlAQZRT8venUtLx8synxnG65evpvX8DTwWuGELhtj/GLXii0jfKoS3:EvAQZRT8vecOsuxnLApvX8I7Rht7GLX/
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
112bdc9b9a88e11e6b28d14c0d00333c3bb83635bfc02f6c112c789e25082dd6 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE