Trojan-Downloader[.]Win32[.]Dagozill[.]dp-4048e0130ab78184e2c9b8415d6b02eb314bebd2624e430603649e01e9ce08ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Downloader.Win32.Dagozill.dp-4048e0130ab78184e2c9b8415d6b02eb314bebd2624e430603649e01e9ce08ed
Size

56KB
MD5

41abdbf5231e289254fef128caae15de
SHA1

c0b5afadd6e3cfa96a1427b0aba104750f1efbbf
SHA256

4048e0130ab78184e2c9b8415d6b02eb314bebd2624e430603649e01e9ce08ed
SHA512

0eb418a6045945f04cf633ccd224bbdb07aead5030546e1529face12c943d6185ba7a1f8da1254769c1e1f6abf41e1f2f7871a490ed6f9d4f3dc46074af055a4
SSDEEP

768:RFUPF9e2TGCi+3d6VTuq3zWTP3xO1eRUIbNidcsE28msGAQROmkQuKj:RFUOJGdCTujTP341eRjN1sEXmQQR8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Trojan-Downloader.Win32.Dagozill.dp-4048e0130ab78184e2c9b8415d6b02eb314bebd2624e430603649e01e9ce08ed

Files

Trojan-Downloader.Win32.Dagozill.dp-4048e0130ab78184e2c9b8415d6b02eb314bebd2624e430603649e01e9ce08ed
.exe windows x86

bee835775cc753b61820d3958e3df32f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcmp
memmove
strlen
strncpy

kernel32

GetModuleHandleA
HeapCreate
VirtualProtectEx
VirtualProtect
LocalUnlock
HeapDestroy
ExitProcess
CloseHandle
InitializeCriticalSection
GetModuleFileNameA
HeapReAlloc
HeapAlloc
HeapFree

winspool.drv

PrinterProperties

user32

MessageBeep
SendMessageA
GetClassLongA
DdeKeepStringHandle
KillTimer

shell32

ExtractAssociatedIconA
ShellAboutA

Sections

.code
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ