DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Behavioral task
behavioral1
Sample
99ec576fecc120f7d71e8182cb7c41df.dll
Resource
win7-20231215-en
Target
99ec576fecc120f7d71e8182cb7c41df
Size
10KB
MD5
99ec576fecc120f7d71e8182cb7c41df
SHA1
b0efe368f2a9f1219fd58cd1c2333926ec11dbbd
SHA256
3e6f02590be979de69d7d9692cfca2e4e28b0e4659c5bca31deb98a4a340c3bf
SHA512
598bdef38af8a0882fd5a0c3f63f3cbc09f7355a39736174aba835de651508f6835d1bcd0dd75500dc218ceca30625768319e749a7dd0fb335a203e14d130276
SSDEEP
192:VJoIGhLsawOzp9JmJAPgOn2H1URPUxFFaNJhLkwcud2DH9VwGfctIQaN:JGhoWdmggOMdTaNJawcudoD7U
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
99ec576fecc120f7d71e8182cb7c41df |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE