c9474211f56a7a451e67a00a9ba712c4bfa9ebc2a12c71b3af18a9b9078f424b

Sharing

Copy URL

Twitter E-mail

General

Target

c9474211f56a7a451e67a00a9ba712c4bfa9ebc2a12c71b3af18a9b9078f424b
Size

2.6MB
MD5

453b062f5a467c61ba1bd17e47bedb32
SHA1

0024333981286eb10fe482adbf5ef17df01fe4f4
SHA256

c9474211f56a7a451e67a00a9ba712c4bfa9ebc2a12c71b3af18a9b9078f424b
SHA512

78d619cd462b410303e38e2ed0fd2a4faab9086738bb1996b66c14976a6b4860117495af4967a8a6e98a3588ba8a4030913f2c9397b48304cdfa2e6043c39df4
SSDEEP

49152:PeFQHevutBDJbIHiwCCCGXokhmP/Xx+6h/2+5Fa6R7Kpxe7MXlK0QmqKdFkY:Pee+vutFBoiwUIoD/Xx+6h/d5FaU7Kpb

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c9474211f56a7a451e67a00a9ba712c4bfa9ebc2a12c71b3af18a9b9078f424b
unpack001/out.upx

Files

c9474211f56a7a451e67a00a9ba712c4bfa9ebc2a12c71b3af18a9b9078f424b
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

cef_add_cross_origin_whitelist_entry
cef_add_web_plugin_directory
cef_add_web_plugin_path
cef_api_hash
cef_base64decode
cef_base64encode
cef_begin_tracing
cef_binary_value_create
cef_browser_create
cef_browser_host_create_browser
cef_browser_host_create_browser_sync
cef_browser_view_create
cef_browser_view_get_for_browser
cef_build_revision
cef_clear_cross_origin_whitelist
cef_clear_scheme_handler_factories
cef_command_line_create
cef_command_line_get_global
cef_cookie_manager_create_manager
cef_cookie_manager_get_blocking_manager
cef_cookie_manager_get_global_manager
cef_crash_reporting_enabled
cef_create_context_shared
cef_create_directory
cef_create_new_temp_directory
cef_create_temp_directory_in_directory
cef_create_url
cef_currently_on
cef_delete_file
cef_dictionary_value_create
cef_directory_exists
cef_display_get_alls
cef_display_get_count
cef_display_get_matching_bounds
cef_display_get_nearest_point
cef_display_get_primary
cef_do_message_loop_work
cef_drag_data_create
cef_enable_highdpi_support
cef_end_tracing
cef_execute_java_script_with_user_gesture_for_tests
cef_execute_process
cef_force_web_plugin_shutdown
cef_format_url_for_security_display
cef_get_current_platform_thread_id
cef_get_extensions_for_mime_type
cef_get_geolocation
cef_get_mime_type
cef_get_min_log_level
cef_get_path
cef_get_temp_directory
cef_image_create
cef_initialize
cef_is_cert_status_error
cef_is_cert_status_minor_error
cef_is_web_plugin_unstable
cef_label_button_create
cef_launch_process
cef_list_value_create
cef_load_crlsets_file
cef_log
cef_menu_button_create
cef_menu_model_create
cef_now_from_system_trace_time
cef_panel_create
cef_parse_csscolor
cef_parse_json
cef_parse_jsonand_return_error
cef_parse_url
cef_post_data_create
cef_post_data_element_create
cef_post_delayed_task
cef_post_task
cef_print_settings_create
cef_process_message_create
cef_quit_message_loop
cef_refresh_web_plugins
cef_register_extension
cef_register_scheme_handler_factory
cef_register_web_plugin_crash
cef_register_widevine_cdm
cef_remove_cross_origin_whitelist_entry
cef_remove_web_plugin_path
cef_request_context_create_context
cef_request_context_get_global_context
cef_request_create
cef_response_create
cef_run_message_loop
cef_scroll_view_create
cef_server_create
cef_set_crash_key_value
cef_set_osmodal_loop
cef_shutdown
cef_stream_reader_create_for_data
cef_stream_reader_create_for_file
cef_stream_reader_create_for_handler
cef_stream_writer_create_for_file
cef_stream_writer_create_for_handler
cef_string_ascii_to_utf16
cef_string_list_alloc
cef_string_list_append
cef_string_list_copy
cef_string_list_free
cef_string_list_size
cef_string_list_value
cef_string_map_alloc
cef_string_map_append
cef_string_map_free
cef_string_map_key
cef_string_map_size
cef_string_map_value
cef_string_multimap_alloc
cef_string_multimap_append
cef_string_multimap_free
cef_string_multimap_key
cef_string_multimap_size
cef_string_multimap_value
cef_string_userfree_utf16_free
cef_string_utf16_clear
cef_string_utf16_cmp
cef_string_utf16_set
cef_string_utf16_to_lower
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_utf8_to_utf16
cef_string_wide_set
cef_string_wide_to_utf8
cef_task_runner_get_for_current_thread
cef_task_runner_get_for_thread
cef_textfield_create
cef_time_delta
cef_time_now
cef_time_to_timet
cef_unregister_internal_web_plugin
cef_uridecode
cef_uriencode
cef_urlrequest_create
cef_v8context_get_current_context
cef_v8context_get_entered_context
cef_v8context_in_context
cef_v8stack_trace_get_current
cef_v8value_create_array
cef_v8value_create_array_buffer
cef_v8value_create_bool
cef_v8value_create_date
cef_v8value_create_double
cef_v8value_create_function
cef_v8value_create_int
cef_v8value_create_null
cef_v8value_create_object
cef_v8value_create_string
cef_v8value_create_uint
cef_v8value_create_undefined
cef_value_create
cef_visit_web_plugin_info
cef_window_create_top_level
cef_write_json
cef_zip_directory
cef_zip_reader_create
create_context_shared

Sections

UPX0
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 2.4MB

UPX1 Size: 2.6MB - Virtual size: 2.6MB

.rsrc Size: 8KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 308KB - Virtual size: 307KB

.data Size: 2.9MB - Virtual size: 2.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 157KB - Virtual size: 156KB

UPX0
Size: - Virtual size: 2.4MB

UPX1
Size: 2.6MB - Virtual size: 2.6MB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 308KB - Virtual size: 307KB

.data
Size: 2.9MB - Virtual size: 2.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 157KB - Virtual size: 156KB