ACProtect 1.3x - 1.4x DLL software

Detects file using ACProtect software.

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Infostealers often target stored browser data, which can include saved credentials etc.

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.

Checks installed software on the system

Looks up Uninstall key entries in the registry to enumerate software on the system.

Drops Chrome extension

Installs/modifies Browser Helper Object

BHOs are DLL modules which act as plugins for Internet Explorer.