FlDTEImpresion_JC[.]dll | Triage

Sharing

General

Target

FlDTEImpresion_JC.dll
Size

67KB
MD5

3596d65a053a74ee3f622110a3abd36b
SHA1

3c4dd978849931f997aad41d939f991dde9faa76
SHA256

092f8b03ea8dd425b07339c2d750c41c85855d1e4c333bc8f71e3c352cc15246
SHA512

7ed85c8f57d70152e37be55c94a4c2c6d8fcabb6a13f534e7d98adfe49ed2be62c4f0cbaa7afeb550909c1baee11269d5892fd97d2b45885c54fa57d1a32ae48
SSDEEP

768:7nLA/nkNFl4nOfVJDesu8iDWg7FccKptitPq:zLUnkNFG8VJDeWiqGKptitPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FlDTEImpresion_JC.dll

Files

FlDTEImpresion_JC.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ