7cd68af96bcf16170939d546bd8b6256286111c505c38be428e85ba2d4a99585

Sharing

Copy URL Twitter E-mail

General

Target

7cd68af96bcf16170939d546bd8b6256286111c505c38be428e85ba2d4a99585
Size

2.3MB
MD5

a5449e4a01895a517f5a4e62dd51c337
SHA1

a43ae7b9a98f878fc518276862830dc72cb5b857
SHA256

7cd68af96bcf16170939d546bd8b6256286111c505c38be428e85ba2d4a99585
SHA512

40b431860dc6005d22460d0914a32737a488e892433d92d053c8f319ed989bb213663c69a4e3a571ea767f5f8b2fedef4521ff2996f90622d14e2b1343810a72
SSDEEP

49152:haEA8tSZOe59jdw/H09buFIbHukUSN7gSeAzGEYnQ/KAh8:haetSz595w/HIyFITuk7R7YAb8

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/menu/inc/Style.dll	acprotect

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/menu/inc/Style.dll	upx
static1/unpack001/menu/menu.exe	upx
static1/unpack001/menu/游戏排行服务端.exe	upx
static1/unpack001/menu/配置工具.exe	upx

AutoIT Executable 3 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack003/out.upx	autoit_exe
static1/unpack004/out.upx	autoit_exe
static1/unpack005/out.upx	autoit_exe

Files

7cd68af96bcf16170939d546bd8b6256286111c505c38be428e85ba2d4a99585
.rar
menu/!升级列表.txt
menu/!帮助.htm
menu/!深蓝游戏菜单接口说明.rtf
.rtf
menu/inc/Config_X.a3x
menu/inc/Convert_X.a3x
menu/inc/GameHot_X.a3x
menu/inc/Manual_Class_ico/休闲游戏.ico
menu/inc/Manual_Class_ico/单机游戏.ico
menu/inc/Manual_Class_ico/对战平台.ico
menu/inc/Manual_Class_ico/影视软件.ico
menu/inc/Manual_Class_ico/影音软件.ico
menu/inc/Manual_Class_ico/棋牌游戏.ico
menu/inc/Manual_Class_ico/游戏外挂.ico
menu/inc/Manual_Class_ico/网络游戏.ico
menu/inc/Manual_Class_ico/聊天工具.ico
menu/inc/Manual_Class_ico/通用工具.ico
menu/inc/Manual_Class_ico/金融证券.ico
menu/inc/Manual_Class_ico/音乐软件.ico
menu/inc/MenuConfig.db
menu/inc/Menu_X.a3x
menu/inc/Skin/Default.s
menu/inc/Skin/MSN.s
menu/inc/Skin/QQ2009.s
menu/inc/Skin/QQPlayer.s
menu/inc/Skin/TT-MSN.s
menu/inc/Skin/TT-QQ2009_宽_底边.s
menu/inc/Skin/TT-QQ2009_窄_底边.s
menu/inc/Skin/TT-QQ影音.s
menu/inc/Skin/TT-REAL.s
menu/inc/Skin/TT-炫绿.s
menu/inc/Skin/TT-积木.s
menu/inc/Skin/Xenes.s
menu/inc/Skin/adamant.s
menu/inc/Skin/aero.s
menu/inc/Skin/asus.s
menu/inc/Skin/black.s
menu/inc/Skin/china.s
menu/inc/Skin/compact.s
menu/inc/Skin/darkroyale.s
menu/inc/Skin/dogmax.s
menu/inc/Skin/elegance.s
menu/inc/Skin/enjoy.s
menu/inc/Skin/gem.s
menu/inc/Skin/hlong.s
menu/inc/Skin/homestead.s
menu/inc/Skin/insomnia.s
menu/inc/Skin/itunes.s
menu/inc/Skin/longhorn.s
menu/inc/Skin/office2007.s
menu/inc/Skin/ouframe.s
menu/inc/Skin/pixos.s
menu/inc/Skin/qq2008.s
menu/inc/Skin/qqgame.s
menu/inc/Skin/royale.s
menu/inc/Skin/skinh.she
menu/inc/Skin/storm.s
menu/inc/Skin/vista.s
menu/inc/Skin/whitefire.s
menu/inc/Skin/wish.s
menu/inc/Skin/xmp.s
menu/inc/Style.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
menu/inc/banner.jpg
.jpg
menu/inc/convert_xsid.db
menu/inc/py.ini
menu/inc/ver.db
menu/menu.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
menu/比克尔.url
.url
menu/游戏排行服务端.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
menu/配置工具.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 156KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 464KB

UPX1 Size: 260KB - Virtual size: 260KB

.rsrc Size: 26KB - Virtual size: 28KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 505KB - Virtual size: 504KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 25KB - Virtual size: 105KB

.rsrc Size: 34KB - Virtual size: 34KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 472KB

UPX1 Size: 260KB - Virtual size: 260KB

.rsrc Size: 35KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 505KB - Virtual size: 504KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 25KB - Virtual size: 105KB

.rsrc Size: 43KB - Virtual size: 43KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 456KB

UPX1 Size: 260KB - Virtual size: 260KB

.rsrc Size: 19KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 505KB - Virtual size: 504KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 25KB - Virtual size: 105KB

.rsrc Size: 27KB - Virtual size: 26KB

UPX0
Size: - Virtual size: 156KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 464KB

UPX1
Size: 260KB - Virtual size: 260KB

.rsrc
Size: 26KB - Virtual size: 28KB

.text
Size: 505KB - Virtual size: 504KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 25KB - Virtual size: 105KB

.rsrc
Size: 34KB - Virtual size: 34KB

UPX0
Size: - Virtual size: 472KB

UPX1
Size: 260KB - Virtual size: 260KB

.rsrc
Size: 35KB - Virtual size: 36KB

.text
Size: 505KB - Virtual size: 504KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 25KB - Virtual size: 105KB

.rsrc
Size: 43KB - Virtual size: 43KB

UPX0
Size: - Virtual size: 456KB

UPX1
Size: 260KB - Virtual size: 260KB

.rsrc
Size: 19KB - Virtual size: 20KB

.text
Size: 505KB - Virtual size: 504KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 25KB - Virtual size: 105KB

.rsrc
Size: 27KB - Virtual size: 26KB