cc56d89fe76c60bf4c368d6d9fc56171 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc56d89fe76c60bf4c368d6d9fc56171
Size

48KB
MD5

cc56d89fe76c60bf4c368d6d9fc56171
SHA1

43a4be56f0e16fe7c8a41b34d0ac7c4f054fef2e
SHA256

e1ff3dbef5dc4f53eff2408114d4d263c7873369697978d10a96ce76a2d30185
SHA512

ef0e9d74d20868d0bccf36d064c6efc49d80d4f87f2cda97126950202b385a18fc155da632b018f11f982c453e025f6fe56e913068b111c2b32b1df9781345e1
SSDEEP

1536:UiIw2YDDvJrplm5/ldwkld1LhepBnouy8:SuvJfKtHldZhephout

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc56d89fe76c60bf4c368d6d9fc56171

Files

cc56d89fe76c60bf4c368d6d9fc56171
.dll regsvr32 windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

HAM0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HAM1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HAM2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE