3cac831f6faebf9794ca32113e954c6e | Triage

Sharing

General

Target

3cac831f6faebf9794ca32113e954c6e
Size

50KB
MD5

3cac831f6faebf9794ca32113e954c6e
SHA1

55f9ce02ae1e439ca477eec1317688fd951eebf1
SHA256

83abe6cb41ef103b23b7ce6be3e09561e909b75fbdf981bbf74b574e125042ca
SHA512

cda3ccc187914829aca94589ee27e4c4434be5d9540975ddf0e72c1398f21c46fa0f2bc28a91d672be153f2b051844712e7e69655b1c27d7a4e0008aa4dd0ecd
SSDEEP

1536:bp4C+7e9GsHH/U3Y/uO8Mo/U0EsGrW9O3xGEnouy8:14CWsn/U3Y/uO986hWshG0out

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cac831f6faebf9794ca32113e954c6e

Files

3cac831f6faebf9794ca32113e954c6e
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

USY0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

USY1
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE