331d6b781182cb46a9c11c59876fc108753003b42f8db30d5f972e8f8f8a7eaa | Triage

Sharing

General

Target

331d6b781182cb46a9c11c59876fc108753003b42f8db30d5f972e8f8f8a7eaa
Size

1022KB
MD5

f37bf3e0800ef7a2eaa0974e9e73f2d9
SHA1

1e076bcbb99ad9c6267eb1b673d9c8a7e3cf17f1
SHA256

331d6b781182cb46a9c11c59876fc108753003b42f8db30d5f972e8f8f8a7eaa
SHA512

3bec1b4775ad27c121faddcf7d3514923118c30c90143ea8966a8cd85315eeddff558408d3339829b023b8ca8e61533e7dc4d15bd6956a2b45c48e184cf4c4ca
SSDEEP

24576:FZZjQnuc9Mh3fULQnznmKEjoR6Ausik+iX+lDno:H5ZpsEnznQm6Aulk1XUDo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331d6b781182cb46a9c11c59876fc108753003b42f8db30d5f972e8f8f8a7eaa

Files

331d6b781182cb46a9c11c59876fc108753003b42f8db30d5f972e8f8f8a7eaa
.dll windows:4 windows x86

51e8527653d57c846656a640f604f55a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

user32

SetClipboardData

gdi32

SaveDC

winmm

midiOutReset

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc

oleaut32

VarDateFromStr

comctl32

ImageList_Read

ws2_32

accept

wininet

InternetCloseHandle

comdlg32

GetFileTitleA

Exports

Exports

HuaxiaVolcanoInstall

Sections

.text
Size: 1007KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE