546c8bff7dd4ea3c74dbe9ad5189f57292c15b8d0014bfa5ef6f754b8326d96e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

546c8bff7dd4ea3c74dbe9ad5189f57292c15b8d0014bfa5ef6f754b8326d96e
Size

959KB
MD5

3811b9004f405d7f63ffa5d41d345427
SHA1

cf2bce37000947a01fa1d3fb67d926f8ee453366
SHA256

546c8bff7dd4ea3c74dbe9ad5189f57292c15b8d0014bfa5ef6f754b8326d96e
SHA512

ed0c6add33da0323960efe6d8663cd0778cb0508bc9e47e3cb145a4dd24bfcb0a591582f30e1cfebc8892d450b232e769f59eba249bca5356a2a4d02bfb17781
SSDEEP

24576:zOD3510kSUmNmAZ7HzQtEoFQda+eBzsfAAuHyxtQk2ze7G:c30k7V8Ut/BzYAAuHy4g7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
546c8bff7dd4ea3c74dbe9ad5189f57292c15b8d0014bfa5ef6f754b8326d96e

Files

546c8bff7dd4ea3c74dbe9ad5189f57292c15b8d0014bfa5ef6f754b8326d96e
.dll windows:4 windows x86

c8e1091cd36ea419818768aa5eb93f14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfA

gdi32

MoveToEx

winmm

midiStreamRestart

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CoTaskMemAlloc

oleaut32

VarDateFromStr

comctl32

ImageList_GetImageInfo

ws2_32

inet_ntoa

comdlg32

GetFileTitleA

Exports

Exports

HuaxiaVolcanoInstall

Sections

.text
Size: 934KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE