622f3fad4a87fdaff3af1624dd1971c1d2fc7e50f2b1ea53aa5d75b0a6f9731f

Sharing

Copy URL Twitter E-mail

General

Target

622f3fad4a87fdaff3af1624dd1971c1d2fc7e50f2b1ea53aa5d75b0a6f9731f
Size

1.5MB
MD5

d942458e647abe6e1a1e8e72589e0dfb
SHA1

e2c4e22fd83ab2f8017c7a8400b836fce338142c
SHA256

622f3fad4a87fdaff3af1624dd1971c1d2fc7e50f2b1ea53aa5d75b0a6f9731f
SHA512

65cbdc0766832bdf6d76d772946dbb650c8a7e0a5a2bd83884a33d5a04eb623b97b2c5f75204632fcd3d9445c8f215bad4887d941d5009de4062f62aaf36f34e
SSDEEP

24576:QIWNkFQgc1ssJSJdTYDZWThuf56I50wq5u+dw9tbaFKcbsVZ4GEgYSNnRU:QHNkFyssJIdTYJX4Xw9tbagfL4Gp9NW

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/201407301845596511/jedata.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/201407301845596511/jedata.dll	upx

Files

622f3fad4a87fdaff3af1624dd1971c1d2fc7e50f2b1ea53aa5d75b0a6f9731f
.rar
201407301845596511/jb51.net.txt
201407301845596511/jedata.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
201407301845596511/去脚本之家看看.url
.url
201407301845596511/服务器软件.url
.url
201407301845596511/熊大秒评论秒赞系统3.0.exe
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 588KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

emjkzjpm
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eyhlbchh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
201407301845596511/皮肤.she

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 156KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 588KB - Virtual size: 1.5MB

.rsrc Size: 16KB - Virtual size: 42KB

.idata Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 1004KB

emjkzjpm Size: 824KB - Virtual size: 824KB

eyhlbchh Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 156KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 42KB

.idata
Size: 4KB - Virtual size: 4KB

emjkzjpm
Size: 824KB - Virtual size: 824KB

eyhlbchh
Size: 4KB - Virtual size: 4KB