6bc7deea5514eca325903a7f67b3800d63b9ddcd6fb2ca280dc63de0981a83d7

Sharing

Copy URL

Twitter E-mail

General

Target

6bc7deea5514eca325903a7f67b3800d63b9ddcd6fb2ca280dc63de0981a83d7
Size

332KB
MD5

b3564445a259cba6dbe6c16c68788cf5
SHA1

4a0c6c9990917dfaaba29e629e396f14267f06e0
SHA256

6bc7deea5514eca325903a7f67b3800d63b9ddcd6fb2ca280dc63de0981a83d7
SHA512

53616943dafdad53ee7cae2a7d6f7e49b84a38fd4f7acfdc7dc9cbf38a3f7df79da6c6223cbce45765d4df8adb73b53b0b5e9707f73de5690c77731d88ca4dbc
SSDEEP

6144:oM5IE/b7HEQ88cp/RUqErn5ub7McD8N6xXf:pt7bj5ub7N8N6h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bc7deea5514eca325903a7f67b3800d63b9ddcd6fb2ca280dc63de0981a83d7

Files

6bc7deea5514eca325903a7f67b3800d63b9ddcd6fb2ca280dc63de0981a83d7
.dll windows:4 windows x86 arch:x86

32c0d10195466d74e8287a384f570f90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\workspace\skinhwork\skinhwork\vs2005\release_dll_unicode_mt\SkinH_EL.pdb

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
HeapCreate
HeapDestroy
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
HeapSize
Sleep
InterlockedDecrement
InterlockedIncrement
TlsFree
SetFilePointer
TlsAlloc
TlsGetValue
GetModuleHandleA
RaiseException
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FlushInstructionCache
VirtualQueryEx
VirtualFree
InterlockedCompareExchange
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
VirtualProtectEx
VirtualAlloc
SetLastError
GetLastError
GetCurrentProcess
VirtualQuery
VirtualProtect
GetProcAddress
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSection
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetCurrentThread
GetVersion
WideCharToMultiByte
MulDiv
GlobalLock
GlobalAlloc
CloseHandle
ReadFile
GetFileSize
CreateFileW
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
GetCurrentThreadId
GlobalFree
GetModuleFileNameW
GlobalReAlloc
GlobalUnlock
TlsSetValue

user32

GetMenu
ShowWindow
DestroyIcon
SetMenu
GetSubMenu
CreateWindowExW
GetWindowRgn
TrackPopupMenu
DestroyWindow
GetWindowInfo
GetMenuItemID
GetWindowRect
PtInRect
DrawStateW
CallNextHookEx
GetClassNameW
UnhookWindowsHookEx
SetWindowsHookExW
ReleaseCapture
DispatchMessageW
GetMessageW
SetCapture
GetCapture
GetClassLongW
ScreenToClient
SystemParametersInfoW
GetSystemMetrics
GetMenuItemRect
MenuItemFromPoint
GetMenuItemCount
SetLayeredWindowAttributes
SetWindowPos
IsWindow
LockWindowUpdate
SetMenuItemInfoW
IsMenu
EnumChildWindows
EnumThreadWindows
GetUpdateRect
MoveWindow
BeginPaint
GetSysColorBrush
GetWindowLongA
GetSysColor
SetWindowLongW
EnableScrollBar
SetWindowLongA
GetScrollBarInfo
SetScrollRange
GetScrollRange
SetScrollInfo
GetScrollInfo
SetScrollPos
SendMessageTimeoutW
ShowScrollBar
GetScrollPos
ReleaseDC
GetWindowDC
GetDCEx
SetWindowRgn
GetDC
WindowFromDC
EndPaint
FindWindowExW
EqualRect
ClientToScreen
GetMenuItemInfoW
GetParent
GetComboBoxInfo
GetIconInfo
TrackMouseEvent
GetClientRect
InvalidateRect
SetPropW
RemovePropW
InflateRect
GetFocus
CallWindowProcW
SetRectEmpty
GetWindowLongW
GetSystemMenu
GetMenuState
IsZoomed
IsIconic
IsRectEmpty
DrawTextW
GetWindowTextW
DrawIconEx
GetPropW
OffsetRect
SetTimer
KillTimer
EnableWindow
SetRect
IsWindowVisible
RegisterClassExW
UpdateLayeredWindow
DefWindowProcW
LoadCursorW
SetCursor
GetCursorPos
SendMessageW
IsWindowEnabled

gdi32

SetWindowOrgEx
SetMapMode
SelectClipPath
EndPath
BeginPath
SetViewportExtEx
SetViewportOrgEx
GetPixel
ExtCreateRegion
Rectangle
CreateSolidBrush
CreatePen
SelectClipRgn
SetPixel
ExtTextOutW
ExtTextOutA
GetTextColor
GetTextExtentPointW
CreateCompatibleBitmap
SetWindowExtEx
BitBlt
PatBlt
SetTextColor
SetBkMode
PtInRegion
OffsetRgn
CombineRgn
CreateRectRgn
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateFontIndirectA
CreateFontIndirectW
GetStockObject
GetTextExtentPoint32W
CreateRoundRectRgn
CreateFontW
TextOutW
GetClipRgn
SetBkColor
CreateDIBSection
GetObjectW
CreatePatternBrush

comctl32

ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIcon

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibClose

msimg32

TransparentBlt

gdiplus

GdiplusStartup

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Adjust_HSV
SkinH_Aero
SkinH_Aero_Adjust
SkinH_Alpha
SkinH_Alpha_Menu
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_AttachWindow
SkinH_Attach_Ex
SkinH_Attach_Ext
SkinH_Attach_Res
SkinH_Attach_ResEx
SkinH_Auth
SkinH_Detach
SkinH_DetachEx
SkinH_DetachWindow
SkinH_Detach_Ex
SkinH_DisMove
SkinH_EnableTabCtrlItem
SkinH_GetColor
SkinH_GetIntMetric
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetMode
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_TitleMenuBar
SkinH_VerifySign
_SkinH_Free@0
_SkinH_Init@4

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32c0d10195466d74e8287a384f570f90

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

msvfw32

msimg32

gdiplus

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 22KB

.detourc Size: 8KB - Virtual size: 4KB

.detourd Size: 4KB - Virtual size: 12B

.rsrc Size: 4KB - Virtual size: 1000B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 22KB

.detourc
Size: 8KB - Virtual size: 4KB

.detourd
Size: 4KB - Virtual size: 12B

.rsrc
Size: 4KB - Virtual size: 1000B

.reloc
Size: 20KB - Virtual size: 19KB