2c91cec9e7a54a4bf023d4acbc31dd6b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c91cec9e7a54a4bf023d4acbc31dd6b
Size

297KB
MD5

2c91cec9e7a54a4bf023d4acbc31dd6b
SHA1

41c1e798ff0e4f384f49ca6a474779169146b36a
SHA256

7dd81d440d032bf7e753da296016d62ef839a87ed7fea063dc97bc759eb8132b
SHA512

01fe0acfd9f50f1f653d8eb10417d3585fb21f961b8e6c38b08d1ecf7066fa5ecd6448a6a67b13e3c8f5ead7a7a23c5b1232f65dbc00783c3c32e2600c5ed5de
SSDEEP

6144:yXmUPIv8Iee1p+tcvC+IVPQa+AibnonZ0zKJmzUXSx9f+UQIr3ZOSg:yXmS55e1g9Bz+AqoVMQIr0z

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c91cec9e7a54a4bf023d4acbc31dd6b

Files

2c91cec9e7a54a4bf023d4acbc31dd6b
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

xAvise_Desinstalacao
xChange_User
xEnd
xInit
xShutdown

Sections

*D�
Size: - Virtual size: 492KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Y�5
Size: 289KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE