4a40397f39ee6cee5ac18e690813edccdbfceacbba5a80757037707c6d429eda

Sharing

Copy URL

Twitter E-mail

General

Target

4a40397f39ee6cee5ac18e690813edccdbfceacbba5a80757037707c6d429eda
Size

173KB
MD5

788bc1443feb524ac0874dffe25e640c
SHA1

bc4b2e8dc08cb04aa62cfc62c3cb8e1bdf65bcba
SHA256

4a40397f39ee6cee5ac18e690813edccdbfceacbba5a80757037707c6d429eda
SHA512

715254abbb04909366d65ff0e3dea2edd4c8bef581889862dd2f12d57a9abccc655d53cdae22317a260cbaf42267ea50caadd6a7d411097c28445955e6f95f42
SSDEEP

3072:+LZRyeTQujQg8DPTtHkOYUfI1Ep9OAPRmPFeo8MdAPei8Os514+/obVkbjTxshTa:+uI+ZH/Y0V9ZmNepPkzT/obmHxslRXoV

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a40397f39ee6cee5ac18e690813edccdbfceacbba5a80757037707c6d429eda

Files

4a40397f39ee6cee5ac18e690813edccdbfceacbba5a80757037707c6d429eda
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BLOB_close
BLOB_display
BLOB_dump
BLOB_edit
BLOB_get
BLOB_load
BLOB_open
BLOB_put
BLOB_text_dump
BLOB_text_load
Bopen
CVT_move
KEYWORD_getTokens
KEYWORD_stringIsAToken
_isc_event_block
_isc_expand_dpb
_isc_start_transaction
fb_cancel_operation
fb_interpret
fb_print_blr
fb_shutdown
fb_shutdown_callback
fb_sqlstate
gds__alloc
gds__alloc_debug
gds__attach_database
gds__blob_info
gds__blob_size
gds__cancel_blob
gds__cancel_events
gds__close
gds__close_blob
gds__commit_retaining
gds__commit_transaction
gds__compile_request
gds__compile_request2
gds__create_blob
gds__create_blob2
gds__create_database
gds__database_cleanup
gds__database_info
gds__ddl
gds__declare
gds__decode
gds__decode_date
gds__default_printer
gds__describe
gds__describe_bind
gds__detach_database
gds__disable_subsystem
gds__dsql_finish
gds__edit
gds__enable_subsystem
gds__encode
gds__encode_date
gds__event_block
gds__event_counts
gds__event_wait
gds__execute
gds__execute_immediate
gds__fetch
gds__free
gds__ftof
gds__get_prefix
gds__get_segment
gds__get_slice
gds__interprete
gds__log
gds__log_status
gds__map_blobs
gds__msg_close
gds__msg_format
gds__msg_lookup
gds__msg_open
gds__msg_put
gds__open
gds__open_blob
gds__open_blob2
gds__parse_bpb
gds__prefix
gds__prefix_lock
gds__prefix_msg
gds__prepare
gds__prepare_transaction
gds__prepare_transaction2
gds__print_blr
gds__print_status
gds__put_error
gds__put_segment
gds__put_slice
gds__qtoq
gds__que_events
gds__receive
gds__reconnect_transaction
gds__register_cleanup
gds__release_request
gds__request_info
gds__rollback_transaction
gds__seek_blob
gds__send
gds__set_debug
gds__sqlcode
gds__start_and_send
gds__start_multiple
gds__start_request
gds__start_transaction
gds__temp_file
gds__thread_enable
gds__thread_enter
gds__thread_exit
gds__thread_start
gds__to_sqlda
gds__transaction_cleanup
gds__transaction_info
gds__unregister_cleanup
gds__unwind_request
gds__validate_lib_path
gds__vax_integer
gds__version
gds__vtof
gds__vtov
gds_alloc_flag_unfreed
gds_alloc_report
isc_add_user
isc_array_gen_sdl
isc_array_get_slice
isc_array_lookup_bounds
isc_array_lookup_desc
isc_array_put_slice
isc_array_set_desc
isc_attach_database
isc_baddress
isc_baddress_s
isc_blob_default_desc
isc_blob_gen_bpb
isc_blob_info
isc_blob_lookup_desc
isc_blob_set_desc
isc_cancel_blob
isc_cancel_events
isc_close
isc_close_blob
isc_commit_retaining
isc_commit_transaction
isc_compile_request
isc_compile_request2
isc_create_blob
isc_create_blob2
isc_create_database
isc_database_info
isc_ddl
isc_declare
isc_decode_date
isc_decode_sql_date
isc_decode_sql_time
isc_decode_timestamp
isc_delete_user
isc_describe
isc_describe_bind
isc_detach_database
isc_drop_database
isc_dsql_alloc_statement2
isc_dsql_allocate_statement
isc_dsql_describe
isc_dsql_describe_bind
isc_dsql_exec_immed2
isc_dsql_exec_immed2_m
isc_dsql_exec_immed3_m
isc_dsql_execute
isc_dsql_execute2
isc_dsql_execute2_m
isc_dsql_execute_immediate
isc_dsql_execute_immediate_m
isc_dsql_execute_m
isc_dsql_fetch
isc_dsql_fetch_a
isc_dsql_fetch_m
isc_dsql_finish
isc_dsql_free_statement
isc_dsql_insert
isc_dsql_insert_m
isc_dsql_prepare
isc_dsql_prepare_m
isc_dsql_release
isc_dsql_set_cursor_name
isc_dsql_sql_info
isc_embed_dsql_close
isc_embed_dsql_declare
isc_embed_dsql_describe
isc_embed_dsql_describe_bind
isc_embed_dsql_exec_immed2
isc_embed_dsql_execute
isc_embed_dsql_execute2
isc_embed_dsql_execute_immed
isc_embed_dsql_fetch
isc_embed_dsql_fetch_a
isc_embed_dsql_insert
isc_embed_dsql_length
isc_embed_dsql_open
isc_embed_dsql_open2
isc_embed_dsql_prepare
isc_embed_dsql_release
isc_encode_date
isc_encode_sql_date
isc_encode_sql_time
isc_encode_timestamp
isc_event_block
isc_event_block_a
isc_event_block_s
isc_event_counts
isc_execute
isc_execute_immediate
isc_expand_dpb
isc_fetch
isc_fetch_a
isc_free
isc_ftof
isc_get_client_major_version
isc_get_client_minor_version
isc_get_client_version
isc_get_segment
isc_get_slice
isc_interprete
isc_modify_dpb
isc_modify_user
isc_open
isc_open_blob
isc_open_blob2
isc_portable_integer
isc_prepare
isc_prepare_transaction
isc_prepare_transaction2
isc_print_blr
isc_print_sqlerror
isc_print_status
isc_put_segment
isc_put_slice
isc_qtoq
isc_que_events
isc_receive
isc_reconnect_transaction
isc_release_request
isc_request_info
isc_reset_fpe
isc_rollback_retaining
isc_rollback_transaction
isc_seek_blob
isc_send
isc_service_attach
isc_service_detach
isc_service_query
isc_service_start
isc_set_debug
isc_sql_interprete
isc_sqlcode
isc_sqlcode_s
isc_start_and_send
isc_start_multiple
isc_start_request
isc_start_transaction
isc_to_sqlda
isc_transact_request
isc_transaction_info
isc_unwind_request
isc_vax_integer
isc_version
isc_vtof
isc_vtov
isc_wait_for_event
perf64_format
perf64_get_info
perf64_report
perf_format
perf_get_info
perf_report

Sections

UPX0
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 416KB

UPX1 Size: 162KB - Virtual size: 164KB

.rsrc Size: 10KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 416KB

UPX1
Size: 162KB - Virtual size: 164KB

.rsrc
Size: 10KB - Virtual size: 12KB