263d376061f727a8b30b3d9e87117d9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

263d376061f727a8b30b3d9e87117d9e
Size

50KB
MD5

263d376061f727a8b30b3d9e87117d9e
SHA1

46cc04e21c471f24d5bfadabb55f28a604ec58f2
SHA256

215fcecd967bacba578bcf1b7f8b31d87764db0438a8ddd1a78558d534f6b6d6
SHA512

fde9d86ab42ac5ab87c7bba5c61edef601ff4dd23c49dfdfa7c56054632a29023beb75a20f3ade89ae7d1a7de0e4ab5cea75d4a5c195470ddc1798bee9a75154
SSDEEP

1536:H3TFlCnPuxeOwGGszBBLFyPQ60GPx8iNmnouy8:XunmxesNo0G587out

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
263d376061f727a8b30b3d9e87117d9e

Files

263d376061f727a8b30b3d9e87117d9e
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

HZE0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HZE1
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE