6afbd251b227c166e1b6c02e002fa8e23084a46367270a25b9460896da28eba7

Sharing

Copy URL

Twitter E-mail

General

Target

6afbd251b227c166e1b6c02e002fa8e23084a46367270a25b9460896da28eba7
Size

6.2MB
MD5

89f4e08b274b0f4a8721e897abc1269a
SHA1

e3b976977e697aead6487dd89a13d4700813e758
SHA256

6afbd251b227c166e1b6c02e002fa8e23084a46367270a25b9460896da28eba7
SHA512

fca5cbc9a88976c4b214e341dd459456e7b653304f28f9a0a4c6fd6f04a217cee3de598e32962b4ea69b0198b5ad544e06f3450d8f7cc93d1f92edb75ae5f12d
SSDEEP

196608:BWYKioDG1mHUP4Oi8Mv6CxLMUlYPWMUQjUIRR:BWYqG1mHUi8MyS3NBo

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

Processes:

resource	yara_rule
static1/unpack001/大飞破解版/SkinH_EL.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/大飞破解版/SkinH_EL.dll	upx

Files

6afbd251b227c166e1b6c02e002fa8e23084a46367270a25b9460896da28eba7
.rar
大飞破解版/SkinH_EL.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
大飞破解版/一键启动.exe
.exe windows x86

8291f82e207ae31a3d766f1710393434

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2621
ord1134
ord535
ord941
ord800
ord537
ord540
ord823
ord668
ord1168
ord1980
ord2770
ord356
ord860
ord922
ord924
ord858
ord926
ord3790
ord939
ord5710
ord2614
ord5856
ord4278
ord2514
ord3663
ord6055
ord1776
ord5290
ord3402
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord1146
ord567
ord324
ord2135
ord2302
ord4234
ord4287
ord4160
ord2863
ord4710
ord4277
ord6662
ord5683
ord2379
ord755
ord470
ord6215
ord798
ord1997
ord5465
ord532
ord5440
ord6383
ord5450
ord6394
ord1949
ord4034
ord818
ord641
ord815
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord1576

msvcrt

__dllonexit
_itoa
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_setmbcp
__CxxFrameHandler
fclose
fread
fopen
fwrite
exit
_mbscmp
_controlfp

kernel32

CloseHandle
GetCurrentDirectoryA
Sleep
CreateFileA
WinExec
GetModuleFileNameA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
GetStartupInfoA
WriteFile
SizeofResource
DeleteFileA
GetTempPathA
LockResource
FindResourceA
LoadResource

user32

KillTimer
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
SetWindowPos
SetTimer
EnableWindow
LoadIconA
GetClientRect

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
大飞破解版/大飞视距.exe
.exe windows x86

f716520898f425111ba638244c3709a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart

ws2_32

recv
closesocket
send
select
inet_ntoa
WSAStartup
accept
ioctlsocket
recvfrom
WSACleanup
getpeername
WSAAsyncSelect

rasapi32

RasHangUpA
RasGetConnectStatusA

kernel32

GetTimeZoneInformation
GetVersion
FileTimeToSystemTime
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
Sleep
CreateEventA
WaitForSingleObject
CloseHandle
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateProcessA
GetVersionExA
LoadLibraryA
FreeLibrary
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
SetLastError
TerminateProcess
GetFileSize
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
GetLastError
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec

user32

WaitForInputIdle
KillTimer
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
UnregisterHotKey
RegisterHotKey
CreateWindowExA
CallWindowProcA
SetWindowTextA
GetWindowTextA
GetDlgItem
GetClassNameA
GetDesktopWindow
GetForegroundWindow
LoadIconA
TranslateMessage
DrawFrameControl
GetSysColorBrush
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetLastActivePopup
RegisterWindowMessageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
UnregisterClassA
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement

gdi32

GetViewportExtEx
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
EndPath
TranslateCharsetInfo
CreateFontA
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA

shell32

DragQueryFileA
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA
DragFinish
DragAcceptFiles

ole32

CLSIDFromString
OleUninitialize
CoCreateInstance
OleInitialize

oleaut32

UnRegisterTypeLi
VariantClear
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ord17
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy

wininet

InternetCloseHandle

comdlg32

ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 672KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 152KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

8291f82e207ae31a3d766f1710393434

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

msvcp60

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 540B

.rsrc Size: 3.8MB - Virtual size: 3.8MB

f716520898f425111ba638244c3709a3

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Sections

.text Size: 672KB - Virtual size: 668KB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 72KB - Virtual size: 323KB

.rsrc Size: 24KB - Virtual size: 21KB

UPX0
Size: - Virtual size: 152KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 540B

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

.text
Size: 672KB - Virtual size: 668KB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 72KB - Virtual size: 323KB

.rsrc
Size: 24KB - Virtual size: 21KB