dmocx[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dmocx.dll
Size

41KB
MD5

eb7b4563d6d20fc663f15fe8581d0bf2
SHA1

fe05cc6e76d085d12772fd9f47df7973ba9014e7
SHA256

0324169ff09158ba7a7060a67c4e75aa9b66cd9577f11cdc21b2d900d83dd2b3
SHA512

3144ede24c1381d456bf920295d5872eb321bf65c11df3a6eef02fc2b737f2b865928fdce78ea2883ded7d703fd4d9db76c9022ca95e92509dcd2b9be1dbae01
SSDEEP

768:6ntwb5Ww/p12C1jWx/SPCWqLc7WhZWd/3qlM2c:6L8qx/SPCWSw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dmocx.dll

Files

dmocx.dll
.dll regsvr32 windows:6 windows x86 arch:x86

d108050044b3ddc6f35d6f5fd98fae32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dmocx.pdb

Imports

mfc42u

ord3947
ord5710
ord5285
ord5303
ord4692
ord4074
ord2716
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord815
ord825
ord1165
ord6350
ord2385
ord1213
ord6466
ord1224
ord823
ord446
ord3676
ord3348
ord3273
ord5494
ord4466
ord6361
ord3321
ord6360
ord743
ord1869
ord4001
ord2722
ord2721
ord4244
ord2478
ord1174
ord1223
ord1207
ord723
ord5821
ord4618
ord4076
ord3075
ord2981
ord4460
ord3255
ord3143
ord2978
ord5273
ord2116
ord2438
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord4347
ord6366
ord5157
ord2376
ord5237
ord4401
ord1768
ord4073
ord6051
ord2949
ord4533
ord3399
ord2480
ord4973
ord4986
ord4409
ord5002
ord4597
ord4403
ord4732
ord4735
ord2977
ord4350
ord4355
ord4365
ord4578
ord5054
ord4630
ord4631
ord4643
ord4774
ord4348
ord4637
ord4648
ord5017
ord4683
ord4642
ord4660
ord4661
ord4662
ord4902
ord4903
ord4653
ord4929
ord4924
ord4919
ord4982
ord4588
ord4515
ord4542
ord4897
ord4644
ord4762
ord4654
ord4655
ord5645
ord2993
ord2871
ord4701
ord4699
ord5144
ord3863
ord2948
ord5207
ord1955
ord2129
ord5998
ord4914
ord4850
ord2148
ord5670
ord4633
ord4681
ord4336
ord994
ord5614
ord1686
ord2431
ord3525
ord2537
ord4943
ord5257
ord4279
ord4496
ord4453
ord5286
ord5052
ord4729
ord2371
ord2719
ord2533
ord3941
ord423
ord2679
ord1129
ord1128
ord600
ord1571
ord1250
ord1248
ord1563
ord1194
ord1240
ord342
ord1179
ord1570
ord1568
ord1173
ord1115
ord269
ord826
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3396
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3665
ord4733
ord561

msvcrt

__CxxFrameHandler3
_XcptFilter
malloc
free
_initterm
_amsg_exit
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common

kernel32

LocalFree
ActivateActCtx
ReleaseActCtx
CreateActCtxW
LocalAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeactivateActCtx

user32

GetMessagePos
EnableWindow
InvalidateRect
ScreenToClient
ClientToScreen
SendMessageW
GetKeyState
SetProcessDPIAware

oleaut32

LoadRegTypeLi

oleacc

CreateStdAccessibleProxyW
LresultFromObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d108050044b3ddc6f35d6f5fd98fae32

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

kernel32

user32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 9KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 9KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 2KB - Virtual size: 2KB