2a2aff53e4a2105044ead3fa6edcd35d0fa704bb105ff29e0f35fd77467a40b9 | Triage

Sharing

General

Target

2a2aff53e4a2105044ead3fa6edcd35d0fa704bb105ff29e0f35fd77467a40b9
Size

1018KB
MD5

940c727f41bea342824bc99478842b0d
SHA1

d40dfd5d34bb544ea9cf151b7d7c49206e9529eb
SHA256

2a2aff53e4a2105044ead3fa6edcd35d0fa704bb105ff29e0f35fd77467a40b9
SHA512

fc1c33f67a735b72804589a2411de2e701410db08be03febc8cef8a9245cfbfeab7efc9329c1c58e7d8b0d6ab94bd79d10d3dbae18251147be29f6fdd550c170
SSDEEP

24576:AWYnWB113V97dyJyDNp0bWH8kkH9KyHdF+O+YfokqSNZmx6:V9P3V9kAiFCKb+YFzqx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a2aff53e4a2105044ead3fa6edcd35d0fa704bb105ff29e0f35fd77467a40b9

Files

2a2aff53e4a2105044ead3fa6edcd35d0fa704bb105ff29e0f35fd77467a40b9
.dll windows:4 windows x86

51e8527653d57c846656a640f604f55a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

user32

SetClipboardData

gdi32

SaveDC

winmm

midiOutReset

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc

oleaut32

VarDateFromStr

comctl32

ImageList_Read

ws2_32

accept

wininet

InternetCloseHandle

comdlg32

GetFileTitleA

Exports

Exports

HuaxiaVolcanoInstall

Sections

.text
Size: 1003KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE