79cebfa014aa8e668865fc8841d20252326ea3b74e9091d51df9913cf823ca4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79cebfa014aa8e668865fc8841d20252326ea3b74e9091d51df9913cf823ca4a
Size

1.1MB
MD5

393b1119ed4f666ce1022ba5c533073a
SHA1

1f73e93b0e1cfc1f111223d0c755c5c35a6dc0fc
SHA256

79cebfa014aa8e668865fc8841d20252326ea3b74e9091d51df9913cf823ca4a
SHA512

078782319185cc16b8ed6639564da19b22c533a61ecde0086eb8c259f3968b2d7a83e498b370cd6a08a91a29a84b4bb735749293724df7edf028d309cd6e51e4
SSDEEP

24576:RMt+mZ9E+H7ceMt5e1T8BJhid4tGztMPt5r5q+zKbhNpVAPgH:lAUDY1I1g48qPt5r5q+zERAPe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79cebfa014aa8e668865fc8841d20252326ea3b74e9091d51df9913cf823ca4a

Files

79cebfa014aa8e668865fc8841d20252326ea3b74e9091d51df9913cf823ca4a
.dll windows x86

0a3a28cadfd31958d1ccad7ba3af3baa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfA

gdi32

ExtTextOutA

winmm

midiStreamRestart

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageInfo

ws2_32

inet_ntoa

comdlg32

ChooseColorA

Exports

Exports

HuaxiaVolcanoInstall

Sections

.text
Size: 1.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE