7c574195fa1d0427278916081a33e3b6

Sharing

Copy URL Twitter E-mail

General

Target

7c574195fa1d0427278916081a33e3b6
Size

974KB
MD5

7c574195fa1d0427278916081a33e3b6
SHA1

6cc9c622438903b53cfa0eab3a0133701021fc3b
SHA256

7730c3f4a5a34b8caa1e164076dfd6db5cdbb7c47d4ce70c49c587f5deec1a25
SHA512

21f104adc845aad2c01c3b504d47998297c51e321afdbe032318f919d65f6043b787834a29a4f9bdb95eabf6db5ea8d0f351d7ea42c0988ac4e0fe2073d087c6
SSDEEP

24576:O7QsGnXJDFV1EsTqEQ6dbly8euvczKqzKyS:LsmV15vFRy8zEmquZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SkinH.dll
unpack001/狂牛视频加密0.9.3.8DEMO.exe

Files

7c574195fa1d0427278916081a33e3b6
.rar
SkinH.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

.text
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
storm.she
新云软件.url
.url
狂牛视频加密0.9.3.8DEMO.exe
.exe windows:4 windows x86 arch:x86

1cc2ce4b2278e72aca6ee221aff13832

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3721
ord3619
ord795
ord1641
ord567
ord3626
ord2414
ord2446
ord5290
ord5277
ord3797
ord4275
ord5875
ord2379
ord941
ord5572
ord2915
ord755
ord3874
ord470
ord3698
ord2582
ord4402
ord3370
ord3640
ord2575
ord4396
ord3402
ord3574
ord5265
ord4376
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord693
ord765
ord609
ord641
ord324
ord2358
ord2302
ord4234
ord3998
ord2642
ord3092
ord5856
ord5683
ord537
ord3302
ord4224
ord3097
ord3081
ord6648
ord6907
ord3301
ord5953
ord3996
ord4710
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord3089
ord4476
ord4853
ord2135
ord818
ord1158
ord690
ord5207
ord389
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord804
ord2621
ord1134
ord2587
ord4406
ord3394
ord3729
ord6199
ord6215
ord4299
ord2086
ord6785
ord4160
ord1168
ord1949
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord1200
ord540
ord2818
ord922
ord858
ord800
ord535
ord6394
ord6383
ord5440
ord5450
ord2107
ord3098
ord823
ord2841
ord825
ord860
ord3663
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
time
srand
rand
atoi
_mbscmp
fwrite
sprintf
fopen
_setmbcp
_strupr
_itoa
__CxxFrameHandler
fclose
_controlfp

kernel32

GetModuleHandleA
lstrcpynA
lstrlenA
lstrcatA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalFree
WriteFile
SizeofResource
LockResource
LoadResource
FindResourceA
WritePrivateProfileStringA
DeleteFileA
CloseHandle
GetFileSize
GetPrivateProfileStringA
GetCurrentDirectoryA
RemoveDirectoryA
Sleep
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
CreateDirectoryA
GetModuleFileNameA
TerminateProcess
SetUnhandledExceptionFilter
CopyFileA
CreateFileA
CreateThread

user32

LoadCursorA
EnableWindow
GetSubMenu
LoadMenuA
GetWindowRect
MessageBoxA
AppendMenuA
GetSystemMenu
CopyIcon
DrawIcon
GetSystemMetrics
IsIconic
InvalidateRect
SetTimer
SetWindowLongA
SendMessageA
KillTimer
SetCursor
PtInRect
ScreenToClient
LoadIconA
GetClientRect
GetMessagePos

gdi32

CreateFontIndirectA
GetStockObject

comdlg32

GetOpenFileNameA

shell32

ShellExecuteExA
ShellExecuteA

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

skinh

SkinH_AttachEx

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vPdata0
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vPdata1
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: - Virtual size: 220KB

.data Size: 95KB - Virtual size: 111KB

1cc2ce4b2278e72aca6ee221aff13832

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

comdlg32

shell32

iphlpapi

version

skinh

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 7KB

.tls Size: 4KB - Virtual size: 8B

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.vPdata0 Size: 12KB - Virtual size: 9KB

.vPdata1 Size: 96KB - Virtual size: 95KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: - Virtual size: 220KB

.data
Size: 95KB - Virtual size: 111KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 7KB

.tls
Size: 4KB - Virtual size: 8B

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.vPdata0
Size: 12KB - Virtual size: 9KB

.vPdata1
Size: 96KB - Virtual size: 95KB

.reloc
Size: 8KB - Virtual size: 4KB