dmocx[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

dmocx.dll
Size

43KB
MD5

dfebcf0bbadcfdc01a731d3b64d2bfa6
SHA1

79246e017d9c16da2a40ce7e6e10c69f28452289
SHA256

20f6c39f579659b81b6222c531b51987c092931293add92dead5fd5dd98bf108
SHA512

ac2db3cbdc1f6d8c90fe04c0e2c10520d64e877c26685162da5ec42c07c0060e1252fa29e447808e08a534887f439401a230afeb24233830ee2f4fa5f818b3a5
SSDEEP

768:8KwBWOrjPGj6o/NS8WWqLc/WhZWd/3qlM4:8vEOHP26o/NS8WWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dmocx.dll

Files

dmocx.dll
.dll regsvr32 windows:10 windows x86 arch:x86

fa4eb184cce3edfe57842435fbe6aad8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dmocx.pdb

Imports

mfc42u

ord3074
ord3820
ord3826
ord3825
ord3396
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord6051
ord4073
ord1768
ord5237
ord5157
ord4347
ord5286
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord446
ord743
ord823
ord1869
ord4001
ord2719
ord2722
ord2721
ord4244
ord2478
ord2679
ord1174
ord1207
ord1223
ord423
ord723
ord3941
ord2537
ord2533
ord4943
ord4279
ord4496
ord4453
ord4729
ord5052
ord2371
ord4401
ord5821
ord4618
ord4076
ord3075
ord2981
ord4460
ord3255
ord3143
ord2978
ord6366
ord2376
ord2949
ord4533
ord4616
ord2480
ord4973
ord4986
ord4409
ord5002
ord4597
ord4403
ord4732
ord4735
ord4733
ord4350
ord4355
ord4365
ord4578
ord5054
ord4630
ord4631
ord4643
ord4774
ord4348
ord4637
ord4648
ord5017
ord4683
ord4642
ord4660
ord4661
ord4662
ord4902
ord4903
ord4653
ord4929
ord4924
ord4919
ord4982
ord4588
ord4515
ord4542
ord4897
ord4644
ord4762
ord4654
ord4655
ord5645
ord2993
ord2871
ord4701
ord4699
ord5144
ord3863
ord2948
ord5207
ord1955
ord2129
ord5998
ord4914
ord4850
ord2148
ord5670
ord4633
ord4681
ord4336
ord994
ord5614
ord1686
ord2431
ord3525
ord3676
ord3348
ord3273
ord5494
ord4466
ord6361
ord3321
ord6360
ord1129
ord1128
ord826
ord269
ord600
ord1240
ord1571
ord1250
ord1568
ord1570
ord342
ord1179
ord1248
ord1115
ord1194
ord1563
ord4075
ord4418
ord3665
ord1224
ord6350
ord2385
ord1165
ord1213
ord1560
ord268
ord6466
ord2716
ord3947
ord815
ord561
ord3399
ord825

msvcrt

_XcptFilter
_onexit
_amsg_exit
free
malloc
_initterm
_lock
_unlock
__CxxFrameHandler3
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler4_common

kernel32

CreateActCtxW
ActivateActCtx
DeactivateActCtx
LocalAlloc
LocalFree
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseActCtx

user32

ClientToScreen
GetKeyState
GetMessagePos
InvalidateRect
ScreenToClient
SendMessageW
SetProcessDPIAware
EnableWindow

oleaut32

LoadRegTypeLi

oleacc

CreateStdAccessibleProxyW
LresultFromObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa4eb184cce3edfe57842435fbe6aad8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

kernel32

user32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 9KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 9KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 2KB - Virtual size: 1KB