CreateDLLForm
GetForm
SHowDLLForm
cx_Del
cx_Exec
getcaption
getcxcodename
getqx
Behavioral task
behavioral1
Sample
5b5cf608b31567ae075d092a726d2945dbd14def29c9aeccc96a8b85f8d94c1d.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
5b5cf608b31567ae075d092a726d2945dbd14def29c9aeccc96a8b85f8d94c1d.dll
Resource
win10v2004-20230220-en
Target
5b5cf608b31567ae075d092a726d2945dbd14def29c9aeccc96a8b85f8d94c1d
Size
952KB
MD5
8a9679ee57fdea6c0358e6d1bf45f45f
SHA1
77ea76f3aae239c0711d639b33eca3bd47ab33cf
SHA256
5b5cf608b31567ae075d092a726d2945dbd14def29c9aeccc96a8b85f8d94c1d
SHA512
e3a0919193cce27d8601671d9d3058933694802937082e9cd3c8f982f4beadd194361770c728f5bf426a526aada33252437cb10afa8a93bb6cf570be0ae37c4e
SSDEEP
24576:8yQB/bF1owbwz1fy1UTqW11ZiTARnjgIOpagkxy7Ueg85u:8d9TdW1fy1UTqw1ZCsjCkqG
Processes:
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
Processes:
resource |
---|
5b5cf608b31567ae075d092a726d2945dbd14def29c9aeccc96a8b85f8d94c1d |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
CreateDLLForm
GetForm
SHowDLLForm
cx_Del
cx_Exec
getcaption
getcxcodename
getqx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE