SetMyHook
UnMyHook
jksHook
jtzHook
Behavioral task
behavioral1
Sample
57c946fc90fa6e8b36616e0999087c45.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
57c946fc90fa6e8b36616e0999087c45.dll
Resource
win10v2004-20231215-en
Target
57c946fc90fa6e8b36616e0999087c45
Size
19KB
MD5
57c946fc90fa6e8b36616e0999087c45
SHA1
d4e3bae44293e70c5cce0c06bd2267e866480e10
SHA256
03fd98d8ce61ad6016d6e61afc2b766f6c60780b66d4995a2aca8bbebc152438
SHA512
17e0568e63d88abf5a8915f6c3db4870d0848e85a093127969840d92f87dfd11fdd4fcc3b092f4a7c5bd76e98c832b7de555f17ad2df2eb9df7bd5feab37cdf2
SSDEEP
192:njeCgZocf9LCyvyQP+2mFCXK2pwqCffMeUS5zA/O7pQ88bjGNuMmajPcNM5cFYZz:jeZZRvHWfZ5MG7pSktkP0zDWyTGkW
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
57c946fc90fa6e8b36616e0999087c45 |
unpack001/out.upx |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
SetMyHook
UnMyHook
jksHook
jtzHook
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ