8102c337ceca17cb17970957272086516e3336b43deca525eaf37c7a460365c6

Sharing

Copy URL Twitter E-mail

General

Target

8102c337ceca17cb17970957272086516e3336b43deca525eaf37c7a460365c6
Size

1.4MB
MD5

2f2df0539ec8ea7c91f96866004cab4d
SHA1

7ded6b303b8c7d02de9f6eae63de0f3186f5f689
SHA256

8102c337ceca17cb17970957272086516e3336b43deca525eaf37c7a460365c6
SHA512

c0765c5815a3f05f10f69136f14c476e7a701ec9a5df4865c899571dcacee047cc34a1b279c1cd66d610567862c09ab5fcd053f10c1c1404bb43a9d89dcc04aa
SSDEEP

24576:7uE7ID37HOOSIH4X1Pbvk6PmFrkkpWKSqjLTwbXiu8VtST2PbiNC4AG+b4XMpQqZ:d76r3Eq6PKQWPSqjLTwbXiup8iNCbBcM

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/sjjjxkswxsgpfzgj_gr/生死狙击小凯刷无限刷GP辅助v0.1/SkinH_EL.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/sjjjxkswxsgpfzgj_gr/生死狙击小凯刷无限刷GP辅助v0.1/SkinH_EL.dll	upx

Files

8102c337ceca17cb17970957272086516e3336b43deca525eaf37c7a460365c6
.zip
sjjjxkswxsgpfzgj_gr/东坡下载说明.txt
sjjjxkswxsgpfzgj_gr/更多软件下载.url
.url
sjjjxkswxsgpfzgj_gr/生死狙击小凯刷无限刷GP辅助v0.1/SkinH_EL.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
sjjjxkswxsgpfzgj_gr/生死狙击小凯刷无限刷GP辅助v0.1/生死狙击小凯刷无限刷GP辅助v0.1.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Esp0
Size: - Virtual size: 652KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Esp1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Esp
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 152KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

Esp0 Size: - Virtual size: 652KB

Esp1 Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 101KB - Virtual size: 104KB

.Esp Size: 512B - Virtual size: 511B

UPX0
Size: - Virtual size: 152KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

Esp0
Size: - Virtual size: 652KB

Esp1
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 101KB - Virtual size: 104KB

.Esp
Size: 512B - Virtual size: 511B