70bc96352f5402664f252c6b9167829e2a66a6aa96caa0f32768e57006d77f64 | Triage

Sharing

General

Target

70bc96352f5402664f252c6b9167829e2a66a6aa96caa0f32768e57006d77f64
Size

446KB
MD5

c5642443fd69d4eb4411e6992c3490c5
SHA1

b24c7528aa3d6254167636ee656b8396a7fba252
SHA256

70bc96352f5402664f252c6b9167829e2a66a6aa96caa0f32768e57006d77f64
SHA512

a3062585e8a23f897a9c02feb7b4144b6d69fccce3df6824085fba9c08a3c0c7ca1698f85d674c9ef31848838812679c245b303f9b3a55553d053d8cf6d0201c
SSDEEP

12288:PNNnu26gZ9Aymc3t2R7wv/kbrB9qfAwV6sEARJj04zoS:P3VPAE3t4wv/k8pEQA

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70bc96352f5402664f252c6b9167829e2a66a6aa96caa0f32768e57006d77f64

Files

70bc96352f5402664f252c6b9167829e2a66a6aa96caa0f32768e57006d77f64
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Explorαװ
Syst��Ȩ
��װ��
��
��
��
��ֽڼ�
��EXMD5
�ع�
��DXF��
��ͼ��
��̰��
��ģ��
��
ö��
��ǿɾ
ȡģ��ַ
��ڴ�
��갴��
��
��ƶ�
д�ֽڼ�
ж��
�Խ��ID

Sections

Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 437KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE