hot[.]dll | Triage

Sharing

General

Target

hot.dll
Size

6KB
MD5

ff860257f3c9762f20e5b2d522e7ee14
SHA1

3a36ab399cb0b29dada74c398a960bfe36d8cc9a
SHA256

80a1d0b86d0577e8fa58944185c37efe5999ba30aa31b9863af37911a6d9d653
SHA512

734bd61cca7cb9f5a71260c03c5bdccf8916308aa13c2986d075ad517b7fb2740a14c22bb7279ab34344056434c23a65188d1727f36f9586f5dc46f8830a6230
SSDEEP

96:NQST2B3NXPcABqzHd4qBthKA0OIOesTUbeSHRoYP:NKJrwzRlKPsQXHRoQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hot.dll

Files

hot.dll
.dll windows x86

ba8d4380391477a4e0a0852acbbafb08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
ShowWindow

gdi32

CreateDCA
SelectObject
BitBlt
CreateCompatibleDC
GetDeviceCaps
CreateDIBSection
DeleteDC
DeleteObject
GetDIBColorTable

kernel32

CloseHandle
TerminateProcess
Process32Next
Process32First
CreateFileA
CreateToolhelp32Snapshot
OpenProcess
lstrcmpiA
lstrcpyA
WinExec
WriteFile

shell32

ShellExecuteA

Exports

Exports

Capture
Echo_byte
Echo_data
Hidemirc
KeyOff
MouseOff
ProcessGet
ProcessKill
Runhidden
Showmirc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ