a4c00d11cbfe3f6f845a5390ead98c54_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4c00d11cbfe3f6f845a5390ead98c54_JaffaCakes118
Size

832KB
MD5

a4c00d11cbfe3f6f845a5390ead98c54
SHA1

0529d06ed3ae990a90f5dc555cd3263d69a6591e
SHA256

87502441a98fcd1f75955a7b9c1e2e63876f1030e30469cf10a74f44dcceabef
SHA512

864da0a8e4e28b516510fa06db744c822a33627e9dfe6a5b10b87629dc1458fe13c078f73d8e387d81034d9334323553fedab0907a6809c30702b9563693eef1
SSDEEP

24576:idJ6xCqJd86+GZrqhyYcahmwWs3qqf4vT:iPsJd86+OaMwH3qfvT

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/幸运28数据采集器免费版/SkinH_EL.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/幸运28数据采集器免费版/SkinH_EL.dll	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/幸运28数据采集器免费版/SkinH_EL.dll

Files

a4c00d11cbfe3f6f845a5390ead98c54_JaffaCakes118
.rar
幸运28数据采集器免费版/SkinH_EL.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
幸运28数据采集器免费版/关于软件报毒说明.txt
幸运28数据采集器免费版/官方网站www.2022k.com.url