ecc144dc2adf54acfccd27e0e5acb1e716fbcbab8e042d363e2a7930b749a888

Sharing

Copy URL Twitter E-mail

General

Target

ecc144dc2adf54acfccd27e0e5acb1e716fbcbab8e042d363e2a7930b749a888
Size

1.1MB
MD5

7fe74927cbc8fec01654d703c2b1b066
SHA1

b9f278fa52f506f5545bbbdd6b6961918bb4ab67
SHA256

ecc144dc2adf54acfccd27e0e5acb1e716fbcbab8e042d363e2a7930b749a888
SHA512

69a3d72cd8d9d1686f7d291e6b31ca47ce6ff27533e225791f16b458fab74ac1176b98d1f5c48f81ae5b86651c0cc40218286b5ddcb617d670bc124b48e98b67
SSDEEP

24576:B+E7hmNk6gUDSnZuv6qnafGhcqM/nr4F1bEutK/raaxIDFvWV6r+AB:P7hCkyDSnrWPctnruUajBWgyi

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/ѺעV2.0/SkinH_EL.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/ѺעV2.0/SkinH_EL.dll	upx

Files

ecc144dc2adf54acfccd27e0e5acb1e716fbcbab8e042d363e2a7930b749a888
.zip
ѺעV2.0/SkinH_EL.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ѺעV2.0/config.ini
ѺעV2.0/Զ̴ƽ̨.txt
ѺעV2.0/ͨӪվ.url
.url
ѺעV2.0/ѺעV2.0.exe
.exe windows x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ѺעV2.0/net2.0.url
.url
ѺעV2.0/ʺ.txt
˵.htm
.html .js

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 152KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 404B

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 99KB - Virtual size: 98KB

.text Size: 512B - Virtual size: 511B

UPX0
Size: - Virtual size: 152KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 404B

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 99KB - Virtual size: 98KB

.text
Size: 512B - Virtual size: 511B