DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Behavioral task
behavioral1
Sample
00bfeff8f2b7f972021e81df25a8a2b3.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
00bfeff8f2b7f972021e81df25a8a2b3.dll
Resource
win10v2004-20231215-en
Target
00bfeff8f2b7f972021e81df25a8a2b3
Size
42KB
MD5
00bfeff8f2b7f972021e81df25a8a2b3
SHA1
766182933fcce89b58a28470a162323531a2014e
SHA256
59fccc93f0690b4fcaabe3f2ed1f66ca39097841640186e1c1d6bc7e00120d0b
SHA512
a5e008483a539bee461087cd3c8ae7391986920d370754a5abc5e6094c5a07ef6100f6a8c0bcb7373f4ae4f8bf69b36fa1c6cadad6b82c082f69ff5796746e75
SSDEEP
768:YLC+sD90qioeXJH+fiMLGXV9OmRlqsJbcNSeEIsZjHWDGlEEtEve92w8PL2Rg:N+W+0WJHxaEVM4hbcNXAj9aI2dz2R
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
00bfeff8f2b7f972021e81df25a8a2b3 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ