perfecthacks public.dll

The library perfecthacks public.dll has been detected as malware by 30 anti-virus scanners. The file has been seen being downloaded from www.file-upload.net and multiple other hosts.
MD5:
5ebfe95e976833db72b70695507ef655

SHA-1:
0817efd5b581675f3bbe41668e783e63c66c9104

SHA-256:
75953e76a324916133a0c67e89cf3d2da4ba79a86b3ed8e82237034d52274d1f

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
11/23/2024 3:25:52 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Packed.Libix.Gen.9
926

Agnitum Outpost
Packed/Themida
7.1.1

Avira AntiVirus
TR/Crypt.TPM.Gen
7.11.152.190

avast!
Win32:Malware-gen
2014.9-140723

AVG
Win32/Themida
2015.0.3404

Baidu Antivirus
Trojan.Win32.Black
4.0.3.14723

Bitdefender
Trojan.Packed.Libix.Gen.9
1.0.20.1020

Bkav FE
HW32.CDB
1.3.0.4959

Comodo Security
TrojWare.Win32.Black.~d1
18416

Dr.Web
Trojan.Packed.650
9.0.1.0204

Emsisoft Anti-Malware
Trojan.Packed.Libix.Gen
8.14.07.23.12

ESET NOD32
Win32/Packed.Themida.AAE (variant)
8.9883

Fortinet FortiGate
W32/Black.A!tr
7/23/2014

F-Prot
W32/Themida_Packed
v6.4.7.1.166

F-Secure
Trojan.Packed.Libix.Gen.9
11.2014-23-07_4

G Data
Trojan.Packed.Libix.Gen
14.7.24

IKARUS anti.virus
Packed.Win32.Themida
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.178.12278

Kaspersky
Packed.Win32.Black
14.0.0.3517

Malwarebytes
Malware.Packer.T
v2014.07.23.12

McAfee
RDN/Vundo!dm
5600.7060

MicroWorld eScan
Trojan.Packed.Libix.Gen.9
15.0.0.612

NANO AntiVirus
Trojan.Win32.Black.ckomjr
0.28.0.60100

Norman
Troj_Generic.QUIEF
11.20140723

Panda Antivirus
Trj/Thed.A
14.07.23.12

Quick Heal
Trojan.Black.r4
7.14.14.00

Sophos
Troj/Virtum-Gen
4.98

Trend Micro House Call
TROJ_SPNR.0BKE13
7.2.204

Trend Micro
TROJ_SPNR.0BKE13
10.465.23

VIPRE Antivirus
Trojan.Win32.Generic
29884

File size:
720 KB (737,280 bytes)

File type:
Dynamic link library (Win32 DLL)

File PE Metadata
Compilation timestamp:
10/29/2013 7:49:21 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:7kKxFCQ5zQyzbAG/hzOWjM8W+eVsKhQMcXpAmE5fMxFZBXM7mRHvTIIgKnwoDyS:fAQJpxjdW+uZQMc5AmE5f2F7MyHvBDw2

Entry address:
0x37014

Entry point:
B8, 00, 00, DE, 06, 60, 0B, C0, 74, 68, E8, 00, 00, 00, 00, 58, 05, 53, 00, 00, 00, 80, 38, E9, 75, 13, 61, EB, 45, DB, 2D, 37, 70, 03, 10, FF, FF, FF, FF, FF, FF, FF, FF, 3D, 40, E8, 00, 00, 00, 00, 58, 25, 00, F0, FF, FF, 33, FF, 66, BB, 19, 5A, 66, 83, C3, 34, 66, 39, 18, 75, 12, 0F, B7, 50, 3C, 03, D0, BB, E9, 44, 00, 00, 83, C3, 67, 39, 1A, 74, 07, 2D, 00, 10, 00, 00, EB, DA, 8B, F8, B8, 98, 76, 0D, 00, 03, C7, B9, 6D, 72, 03, 00, 03, CF, EB, 0A, B8, 98, 76, 0D, 10, B9, 6D, 72, 03, 10, 50, 51, E8, 87...
 
[+]

Entropy:
7.9027

Packer / compiler:
Themida/WinLicense V1.8.0.2 +

Code size:
81 KB (82,944 bytes)

The file perfecthacks public.dll has been seen being distributed by the following 2 URLs.

Remove perfecthacks public.dll - Powered by Reason Core Security