97f359135c6e210f49833c7f0eeec4ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97f359135c6e210f49833c7f0eeec4ee_JaffaCakes118
Size

968KB
MD5

97f359135c6e210f49833c7f0eeec4ee
SHA1

10bda442636ad375e6b446e593c8bc0c4594845a
SHA256

2a075aa51be802ba8c1dfe8cac6d07e93732bacbd03b44a9c10d0d1693fc7e2b
SHA512

9d4bae7dec01f53baaf487de8bc6ca6d1e0275f3ce7b561253342fed68ac92bc69aa239bcc016ac3faf4b8d40637d399a201e6f2f9d39f84e5ea6f0cba6a01c0
SSDEEP

24576:NAhfeCPWR9QS3rY9NLtpb0DUhW36lED35yTzfXwV7cB5:NgmCPNS3rY9NLtps36lED35yvoVQB5

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/SkinH_EL.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/NBA2K13梦幻星辰.exe	upx
static1/unpack001/SkinH_EL.dll	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBA2K13梦幻星辰.exe
unpack002/out.upx
unpack001/SkinH_EL.dll

Files

97f359135c6e210f49833c7f0eeec4ee_JaffaCakes118
.rar
NBA2K13梦幻星辰.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 805KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 427KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 644KB - Virtual size: 641KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SkinH_EL.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
down12.com资源下载.url
.url
如果无法运行，请先安装.NET Framework.url
.url
软件说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.1MB

UPX1 Size: 805KB - Virtual size: 808KB

.rsrc Size: 427KB - Virtual size: 428KB

Headers

File Characteristics

Sections

.text Size: 644KB - Virtual size: 641KB

.rdata Size: 424KB - Virtual size: 422KB

.data Size: 252KB - Virtual size: 398KB

.rsrc Size: 444KB - Virtual size: 441KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 156KB

UPX1 Size: 83KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 805KB - Virtual size: 808KB

.rsrc
Size: 427KB - Virtual size: 428KB

.text
Size: 644KB - Virtual size: 641KB

.rdata
Size: 424KB - Virtual size: 422KB

.data
Size: 252KB - Virtual size: 398KB

.rsrc
Size: 444KB - Virtual size: 441KB

UPX0
Size: - Virtual size: 156KB

UPX1
Size: 83KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB