A4D83F95F2DED801AB8D4C0F00AB87B4[.]ocx | Triage

Sharing

Copy URL Twitter E-mail

General

Target

A4D83F95F2DED801AB8D4C0F00AB87B4.ocx
Size

151KB
MD5

a4d83f95f2ded801ab8d4c0f00ab87b4
SHA1

43276dcc580af4eb124d7f78e23738e517906446
SHA256

d00c75127714530423a19180b64cf5521f21f2ff4ff35495e0002c27b41cbcfd
SHA512

aaeecdfd44f46ef9516874bfd8e298c2c3619b85886f5caef76ddd677988539352c89ef483ca2b3baec6d2c56694ba10a92bd5b883cbea4d5ea3bd2f9871aec3
SSDEEP

3072:4R6qUHuh67jB7/GbMqx7x3oJ6BechQK646VepSpc6XiB6yVZMcIj2:AUHuh65/Gog7FVrh5sespWBbVZMd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
A4D83F95F2DED801AB8D4C0F00AB87B4.ocx

Files

A4D83F95F2DED801AB8D4C0F00AB87B4.ocx
.dll regsvr32 windows x86

c634846c96b5699b0a7ec95c3bdf5e7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

version

GetFileVersionInfoA

ws2_32

inet_addr

mfc42

ord755

msvcrt

_itoa

user32

AppendMenuA

gdi32

SelectObject

shell32

SHBrowseForFolderA

comctl32

ImageList_ReplaceIcon

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

LoadRegTypeLi

configmodule

Config_Init

msvcp60

?_Xlen@std@@YAXXZ

netsdk

ord47

h264play

ord36

playback

ord3

winmm

sndPlaySoundA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 129KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE