DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Behavioral task
behavioral1
Sample
65acad655a38edec064961e596f2963f.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
65acad655a38edec064961e596f2963f.dll
Resource
win10v2004-20231215-en
Target
65acad655a38edec064961e596f2963f
Size
78KB
MD5
65acad655a38edec064961e596f2963f
SHA1
2dc97794af399273b3a5bdf836d5ce39de539313
SHA256
cf2e0e857a44a3403312a97ef8383b29b79d1ff996f81ac62a22d2e1849072ad
SHA512
a638c62390e2d0f2bcebd13756ce2fb350aa9384ce9dd69eec3a2f044b7f1f7df72d4b9451c1d7736957c01154aa303e2226ad47aaa8dff5805c51aacedb42a1
SSDEEP
768:ASqSIy2FZAjd+Nj87psXVwjXLhFsQTyxpSebEcf7W9HZG9ztT9AchSSzmhsIbRV1:CXdj8k0XDUtbWuKcePa/twcnouy8Wws
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
65acad655a38edec064961e596f2963f |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE