DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
13b1b3b7aad8fb5bb29192a45ef603ff.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
13b1b3b7aad8fb5bb29192a45ef603ff.dll
Resource
win10v2004-20231215-en
Target
13b1b3b7aad8fb5bb29192a45ef603ff
Size
172KB
MD5
13b1b3b7aad8fb5bb29192a45ef603ff
SHA1
c3aa8610f2eeda60c20b934683814527235e57da
SHA256
75fead0a2cca3ee47c383c16be539a60d0fcbc77138006b77a7915bb1adb2c17
SHA512
1238229b266788c0062993df4429bf448b73742f877c37c5360b9ea633a10e2d2eedaa6bc70d31ceb26f405d20350e1e73bf749a0dc824b2d774a14261b0df6f
SSDEEP
3072:Civ5hBPckjIYl1SJ7mMvrWGUjqSGMjnQG2NDJkn3rCn7v/GFYxMgyDkT:jPeVYPSlvC3FG4QRHWra7nGexMtDc
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
13b1b3b7aad8fb5bb29192a45ef603ff |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE