decode_df6bc9f0e951924b983b0bbcdd9e62e52dda0db020418e35bc5fae82c48d1bcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

decode_df6bc9f0e951924b983b0bbcdd9e62e52dda0db020418e35bc5fae82c48d1bcc
Size

43KB
MD5

a14b19a3fab75fd6ef1504b29ba56e1d
SHA1

de92633e327257f701a450ae21e32e88bb709e5e
SHA256

312f91c7df05769397ae4813e57059077535302f7eec6e789860695c4719cb88
SHA512

1f54521f58ccebf025f7cb419153c8bf9fa7ee52940d9f4631e8baaddc562bfa53be9928150c8c3a9fad46bd7b967e3c6a0f76a34cfd357fc980619a0baf82e8
SSDEEP

768:ch6wa0Zounlq5jPAvWecghlXb5jzZ6hUMt7seRDF5HmLNWpM2fVCB:dUGun45jgVhldwPt7R75HmQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
decode_df6bc9f0e951924b983b0bbcdd9e62e52dda0db020418e35bc5fae82c48d1bcc

Files

decode_df6bc9f0e951924b983b0bbcdd9e62e52dda0db020418e35bc5fae82c48d1bcc
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ