Overview

overview

7

Static

static

7

DNF-XHA V3...HA.exe

windows7-x64

7

DNF-XHA V3...HA.exe

windows10-2004-x64

7

DNF-XHA V3...ok.dll

windows7-x64

7

DNF-XHA V3...ok.dll

windows10-2004-x64

7

xin037.exe

windows7-x64

7

xin037.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    059b115b97db2af79bb6b832e94f9807

  • Size

    85KB

  • MD5

    059b115b97db2af79bb6b832e94f9807

  • SHA1

    8b3f6d50ffcd6589f3d0ea24d48d376cc35cf312

  • SHA256

    8df2b918b0949b6c1e8296c8bd38d31bfb2f5501d0e2e2bc897bf64cbe04a161

  • SHA512

    f6611b963397b71ed4db058acfd573ea40d242b5086af014763d9768b08a338f2d8f57ecd1fdb285ba6dd2fc3234a6d931a38e1aa9805ad67bcfdadc51346d21

  • SSDEEP

    1536:2tCUpBNwZsyfqqinJ/SxXYP7AtXQx8NQ3TZEB2mgsJDXIeTsqk5Df:2tCU+IqNxXWfx8NEGBVJDXPpaDf

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 059b115b97db2af79bb6b832e94f9807
    .rar
  • DNF-XHA V3.[2].0版(可单刷)/HA.EXE
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • DNF-XHA V3.[2].0版(可单刷)/HA.INI
  • DNF-XHA V3.[2].0版(可单刷)/HAHook.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • DNF-XHA V3.[2].0版(可单刷)/使用说明.txt
  • DNF-XHA V3.[2].0版(可单刷)/多职业改暴风HA.INI
  • DNF-XHA V3.[2].0版(可单刷)/战士枪法师改大火(战士银落,枪毛雷,法师星弹都可触发)HA.INI
  • DNF-XHA V3.[2].0版(可单刷)/手雷改地冒火HA.INI
  • xin037.exe
    .exe windows:4 windows x86 arch:x86

    276d36f2dad2739a2662d58aff5af41e


    Headers

    Imports

    Sections