BLToolkit[.]3[.]dll[.]1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BLToolkit.3.dll.1
Size

1.5MB
MD5

d484aa4c893f45e6f15dfc84c942705e
SHA1

15d810b9294dafd082b85281b8a9a58102471a77
SHA256

ead43e51a0ec49a27599dae24c3787d69eaee961647a71e535087ee62f90af0b
SHA512

55e16c776879ae0b4e8e1f405589e0d3cc132c68ce803dbd9e729a97b3b9aa508ad8a203260acee45b268da3b7d03bc7a14d2ee28027919cd1e5ec7bf33550b9
SSDEEP

24576:DasFN2FKb6V23qLSAq3kO0c5fzq+tZmgPHXltDdb6iN4NOQSH4zc3RACFPy4u5LM:1DWNOACFPyX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLToolkit.3.dll.1

Files

BLToolkit.3.dll.1
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ