rundll32_04DC0000-2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rundll32_04DC0000-2.bin
Size

1.1MB
MD5

134a6f5ce1993c3710c016cd51f9b4af
SHA1

834bdd3b6d1a327efba9eafe4657294e03029bdc
SHA256

15732a6b47369408c517fe1d176d103fdb18f563b21c97bde9c9c158e79611c0
SHA512

df100e4a0853f1697d11b67330b4aaae92bc572e51a34e5e16e9087f035b1fc123decdb32a7e114cdafdb9ca0b5ab963bf4fe5235be6d20e89d00f14e721ff62
SSDEEP

24576:HWdXH2mApxYpYd5kAxeqwIX+J6GLoBvQfQqHJBgX:MXo5XxetIX+kmHJG

Score

N/A

Malware Config

Signatures

Files

rundll32_04DC0000-2.bin
.dll windows x86

Password: ciaone123

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 754KB - Virtual size: 754KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xvo
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE