7f7ea61a3201b9ee48a0b1aab3b6e7f0c11dc1861ceb7af1abed75d31f39f46d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f7ea61a3201b9ee48a0b1aab3b6e7f0c11dc1861ceb7af1abed75d31f39f46d
Size

1.1MB
MD5

1e9ff03de46d338af2d0ba745d20919e
SHA1

1c20a2a5f85ebeb36282bc9e100a6a770da1a495
SHA256

7f7ea61a3201b9ee48a0b1aab3b6e7f0c11dc1861ceb7af1abed75d31f39f46d
SHA512

ec3291921981dbcf432e671d8f1a0a9b988df4a306f2e5edf9098ef714ee5fc2c5aca03ad60d7a3717214d1cbebc723be6af153c5b631fcd098b70282b5e5778
SSDEEP

24576:rjJ5IMIIqh2JeNUdVpVd08e/wM8jKhvtqAjq0iGAk8n:rFGhZMkGpVO8M8WhvD+NGA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f7ea61a3201b9ee48a0b1aab3b6e7f0c11dc1861ceb7af1abed75d31f39f46d

Files

7f7ea61a3201b9ee48a0b1aab3b6e7f0c11dc1861ceb7af1abed75d31f39f46d
.dll windows x86

38c954e57a0d56a432879c53f09f3e2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CreateWindowExA

gdi32

MoveToEx

winmm

midiStreamRestart

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoTaskMemAlloc

oleaut32

VariantCopy

comctl32

ImageList_Draw

ws2_32

closesocket

comdlg32

PrintDlgA

Exports

Exports

FFHuaxiaVolcanoInstall
HuaxiaVolcanoInstall

Sections

.text
Size: 1.1MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE