Server Load
mmm.dll    Threatbook file behavior analysis report
Virscan.org multi-engine scan report
Basic Information
file name:mmm.dll
file type:DLLx86
Submission time:2018-10-12 00:00:25
Threat level:suspicious
MD5:7d1e841c2a5eda323d017fafb0d48bab
sha256:ab93a396e7064ea82e018f38b1fc3c789b80d6b6674c79ce3635151ef6244585
Document Threat Intelligence IOC Report
No intelligence IOC detected
Intelligence decision system
Abnormal flow detection system:0
Hunting system:0
DGA domain name recognition system:0
Network behavior report
domains:0
dns:0
http:0
Document release report
File release report not detected
File process number report
Process details:0
Document behavior signature report
category:.text
ioc:0x00000000
type:ioc
category:.rdata
ioc:0x00000000
type:ioc
category:.data
ioc:0x00000000
type:ioc
category:.vmp0
ioc:0x00000000
type:ioc
category:0
ioc:0
type:generic
category:0
ioc:0
type:generic
api:__exception__
category:__notification__
type:call
Static information
PE section table information
Section name:.text
Virtual address:0x00001000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R-E
Section name:.rdata
Virtual address:0x00015000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:R--
Section name:.data
Virtual address:0x00018000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:RW-
Section name:.vmp0
Virtual address:0x00095000
Physical address:0x00000000
Physical size:0x00000000
Section permissions:RWE
Section name:.tls
Virtual address:0x00321000
Physical address:0x00001000
Physical size:0x00001000
Section permissions:RW-
Section name:.vmp1
Virtual address:0x00322000
Physical address:0x00002000
Physical size:0x002e6000
Section permissions:RWE
Section name:.reloc
Virtual address:0x00608000
Physical address:0x002e8000
Physical size:0x00001000
Section permissions:R--
Section name:.rsrc
Virtual address:0x00609000
Physical address:0x002e9000
Physical size:0x00001000
Section permissions:R--
PE basic information
import_hash:ac28a420c8f0b8a00944e500e28bde14
time_stamp:2007-08-29 17:59:04
entry_point_section:.vmp1
entry_point_section:.vmp1
image_base:0x10000000
entry_point:0x332598
PE resource information
name:RT_VERSION
language:LANG_CHINESE
filetype:data
sublanguage:SUBLANG_CHINESE_SIMPLIFIED
offset:0x00609058
size:0x0000034c

About VirSCAN | Privacy Policy | Contact us | link | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

京公网安备 11010802020746号