63d5d58cb833f84c4c2687a7cb8303ca1306022ba01f68337d2180fd6521def8[.]bin[.]sample[.]gz

General

Target

63d5d58cb833f84c4c2687a7cb8303ca1306022ba01f68337d2180fd6521def8.bin.sample.gz
Size

28KB
MD5

ab70c32848956de453a870e8c5c1a2aa
SHA1

9b0b68878d14189b252231ed7ff5dccfe832e527
SHA256

b4c1e251337cc7e6ef5d4df1b3103f1704c378028eff65b57c83912ec9d1227c
SHA512

8e780d81bb34a9295c2b53cad5be876a8f58d0d617b370de70fc042d71ab1e3f208d0fd5902514aa39496aabfd2edbc723995c3556e60c91093d9648926db666
SSDEEP

384:SoQ/V0NiDpDPwHhDBDSgSN40jGcgiPQittjWljYkgO2OWIMUIBmpK0MgBscezLj7:SpuNQ6NSD6dPittSl0S2Y6IoFcezHvD

Score

7^/10

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sample

63d5d58cb833f84c4c2687a7cb8303ca1306022ba01f68337d2180fd6521def8.bin.sample.gz
.gz
sample
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_SetHook@4

Sections

.CQSN
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CQSN
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CQSN
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE