General
-
Target
Telerik.WinControls.RichTextEditor.dll
-
Size
11.3MB
-
MD5
21873c87cffc81a6508283b017a18266
-
SHA1
1fc1ea94239f40e19a485670124557e65d2f6146
-
SHA256
03ced93e27ebc7b46e75d9b63ef8709f985a2d47a07a5be9e25806c1e21b1fb0
-
SHA512
4b21c1c9f69d344ecea530bb51fdcc8c30f832a70b4ef0efc56ad3f3d6dffcea5704a08688a7b801a4535b22d4ef29a19f7e4fd330a0fcffab300c1ef6e0ebef
-
SSDEEP
49152:j158UjzpZfgqZkqjqVkf7/ibBVx+KCmT9LGK6ej8FL0VjZO98Z6D7nYaGnND4aEO:zBl6Vkf7/ibHj/Z
Score
10/10
Malware Config
Signatures
-
CoreEntity .NET Packer 1 IoCs
A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
Files
-
Telerik.WinControls.RichTextEditor.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections