24f3b147914290a2537d0a61f52009db0f82f5ccdc7eb8843923b44f61a78f72

Sharing

Copy URL

Twitter E-mail

General

Target

24f3b147914290a2537d0a61f52009db0f82f5ccdc7eb8843923b44f61a78f72
Size

10.3MB
MD5

ecddb593337eeaa48ce5a0f5ad0f4136
SHA1

6e4d3e63bc1a86f9135524dd213185c86a415912
SHA256

24f3b147914290a2537d0a61f52009db0f82f5ccdc7eb8843923b44f61a78f72
SHA512

af928c9ce7277e462a97957e6108be927de7745f216470a9a0de48443e374d4541afb64c93821306790efbf8f9de71cef6b4aeec78f03f4b47b5bde939e0b74e
SSDEEP

196608:CwOFxXdSL4hvgC1z/PEyv6AfU/y7cDV/wMZh02X8tyTlADzbxAT:5OF5dSLnC1/ZvFQyYDVxZhHVTOPbx4

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

Processes:

resource	yara_rule
static1/unpack001/hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/dm.dll	acprotect
static1/unpack001/hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/jedata.dll	acprotect

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/dm.dll	upx
static1/unpack001/hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/jedata.dll	upx
static1/unpack001/hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/火线精英大主宰自动开枪脚本多分辨率支持V1.2.exe	upx

Files

24f3b147914290a2537d0a61f52009db0f82f5ccdc7eb8843923b44f61a78f72
.rar
hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/dd.txt
hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/dm.dll
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z
CBFunA
CBFunB
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 684KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 753KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tp0
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tp1
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/jedata.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/使用说明.txt
hxjydazhuzai/火线精英大主宰自动开枪脚本多分辨率支持V1.2/火线精英大主宰自动开枪脚本多分辨率支持V1.2.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9.4MB - Virtual size: 9.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.txt
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 684KB

UPX1 Size: 753KB - Virtual size: 756KB

.rsrc Size: 50KB - Virtual size: 52KB

Headers

File Characteristics

Sections

.text Size: 740KB - Virtual size: 739KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 36KB - Virtual size: 108KB

.rsrc Size: 232KB - Virtual size: 229KB

.tp0 Size: 48KB - Virtual size: 44KB

.tp1 Size: 160KB - Virtual size: 157KB

.reloc Size: 36KB - Virtual size: 33KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 156KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.5MB

UPX1 Size: 9.4MB - Virtual size: 9.4MB

.rsrc Size: 103KB - Virtual size: 104KB

UPX0
Size: - Virtual size: 684KB

UPX1
Size: 753KB - Virtual size: 756KB

.rsrc
Size: 50KB - Virtual size: 52KB

.text
Size: 740KB - Virtual size: 739KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 36KB - Virtual size: 108KB

.rsrc
Size: 232KB - Virtual size: 229KB

.tp0
Size: 48KB - Virtual size: 44KB

.tp1
Size: 160KB - Virtual size: 157KB

.reloc
Size: 36KB - Virtual size: 33KB

UPX0
Size: - Virtual size: 156KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 6.5MB

UPX1
Size: 9.4MB - Virtual size: 9.4MB

.rsrc
Size: 103KB - Virtual size: 104KB