2bf4797f211c27972a51a4ec87bd0e4519cdb8159f712204e6211e56a52f3dd6

General

Target

2bf4797f211c27972a51a4ec87bd0e4519cdb8159f712204e6211e56a52f3dd6
Size

205KB
MD5

3a14fc9f34feee789fb8e3e51b6dab3b
SHA1

3e5048d99e7e846fc5539d8752e08d4db6bfc945
SHA256

2bf4797f211c27972a51a4ec87bd0e4519cdb8159f712204e6211e56a52f3dd6
SHA512

4c82407a6af913f48a864761d3ce92c2cc29d18ca44a8683b40442673fe81baf39b2fe73e850557317a2bcadaff16515e3074cc132ad1c9b77955c0644812b22
SSDEEP

6144:FvV1cjr1zLfSjD3Phma/Yg0jeNIzSum/lXWqcwUD04e:FY5Pf6D3PhH/QeFd/4nwUD0V

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bf4797f211c27972a51a4ec87bd0e4519cdb8159f712204e6211e56a52f3dd6

Files

2bf4797f211c27972a51a4ec87bd0e4519cdb8159f712204e6211e56a52f3dd6
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@$xp$41Telaalteracaopreco@TFrmTelaAlteracaoPreco
@GetPackageInfoTable
@Telaalteracaopreco@Filiais
@Telaalteracaopreco@Finalization$qqrv
@Telaalteracaopreco@FrmTelaAlteracaoPreco
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@ApplicationEvents1Restore$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@BitVoltarClick$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@BtnVerRelatorioClick$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@EventoMinimizar$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@EventoRestaurar$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@FormCloseQuery$qqrp14System@TObjectro
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@FormCreate$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@FormShow$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@MedDataFinalEnter$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@TmRelatorioTimer$qqrp14System@TObject
@Telaalteracaopreco@TFrmTelaAlteracaoPreco@WMSysCommand$qqrr22Messages@TWMSysCommand
@Telaalteracaopreco@boCriado
@Telaalteracaopreco@criaInterfaceAlteracaoPreco$qqrv
@Telaalteracaopreco@initialization$qqrv
@_telaaltercaopreco@@GetPackageInfoTable$qqrv
@_telaaltercaopreco@@PackageLoad$qqrv
@_telaaltercaopreco@@PackageUnload$qqrv
@_telaaltercaopreco@initialization$qqrv
Finalize
IniciarProcesso
Initialize
retornaVersao

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 198KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 100KB

UPX1 Size: 198KB - Virtual size: 200KB

.rsrc Size: 6KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 100KB

UPX1
Size: 198KB - Virtual size: 200KB

.rsrc
Size: 6KB - Virtual size: 8KB