StartHook
StopHook
send_en
Behavioral task
behavioral1
Sample
049b93440d0662c6f0bea1db1dc29b92.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
049b93440d0662c6f0bea1db1dc29b92.dll
Resource
win10v2004-20231215-en
Target
049b93440d0662c6f0bea1db1dc29b92
Size
684KB
MD5
049b93440d0662c6f0bea1db1dc29b92
SHA1
1e226ab523f8dbd87fbebc5b981622468e6ca01c
SHA256
dd3c32296a1aa8fa1ea7f934cfb0a04b05c6e0e9bf99261057efe3b8813772a6
SHA512
37a79f71025f56a61f8353279370fc85b14444c0e9e15c25b37a5317b477eb424ffcfae86dca7ab7b5821c93f45e0c6c79148e3049f1c151a7c58b040c496d6f
SSDEEP
12288:Pcr15LU3/bZ8fyOYA0rw7qzPHJmJTGpEgdnxv3u3vIycv3A/S4cI3wEYGS:+15U3jSfyOYA0cOIti+vITARw6S
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
resource | yara_rule |
---|---|
sample | vmprotect |
Checks for missing Authenticode signature.
resource |
---|
049b93440d0662c6f0bea1db1dc29b92 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
StartHook
StopHook
send_en
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE