d8a85c6f6adab3acd8350535069bc237eec1ec240060f01ec42ad2d38c1462ad | Triage

Sharing

General

Target

d8a85c6f6adab3acd8350535069bc237eec1ec240060f01ec42ad2d38c1462ad
Size

823KB
MD5

7b6f7183a7b279c1cc09d8532ec180e5
SHA1

0cea584a5a152615d0ec5db53fa2c5bf18f08b88
SHA256

d8a85c6f6adab3acd8350535069bc237eec1ec240060f01ec42ad2d38c1462ad
SHA512

06f9c7ba9674adb8c14543a940c6eadd35fc98b3e842a9864462b78253810b98e8c8589a60ba2215da2a756c761ee18dd0a96969cf5353830c9fed4520d9a396
SSDEEP

24576:25e4MeBhv7kRY1P+8ldD+s8vpc0RTuQ3RQu2emK:PqBtFlDmRHCuBT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8a85c6f6adab3acd8350535069bc237eec1ec240060f01ec42ad2d38c1462ad

Files

d8a85c6f6adab3acd8350535069bc237eec1ec240060f01ec42ad2d38c1462ad
.dll windows:4 windows x86 arch:x86

068a09b906de722bcd67d9fc6d1d2162

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

user32

SetClipboardData

gdi32

SetViewportExtEx

winmm

waveOutRestart

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantCopy

comctl32

ImageList_SetBkColor

ws2_32

ntohl

wininet

InternetCloseHandle

comdlg32

GetSaveFileNameA

Exports

Exports

HuaxiaVolcanoInstall

Sections

.text
Size: 810KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE