1b0f24eb2149bc7ba10d98651488f651e12e00956adcdb90b9775e95168b2fdd[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b0f24eb2149bc7ba10d98651488f651e12e00956adcdb90b9775e95168b2fdd.dll
Size

128KB
MD5

091688921520012e70d61125c0f7c269
SHA1

94d6b21d1b347d6d83c875c71927a6906927ebaa
SHA256

1b0f24eb2149bc7ba10d98651488f651e12e00956adcdb90b9775e95168b2fdd
SHA512

a1967f4f6d2e7ac180c9a22116d03acb623aba2058bec814baa2bedc9258ff28576cf58d8825f2bf571dd18ae84fc5bf920687e5ad1bb1937bb7bfc6af76ef69
SSDEEP

3072:wjOoEXYL9aM3Ee+yLpssDBymPBTbrmsv1J:w609aM3ECpsUNv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b0f24eb2149bc7ba10d98651488f651e12e00956adcdb90b9775e95168b2fdd.dll

Files

1b0f24eb2149bc7ba10d98651488f651e12e00956adcdb90b9775e95168b2fdd.dll
.dll windows:5 windows x64

43d464a562ea53d395778d9ef4f4b6a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
ReadFile
PeekNamedPipe
WaitForSingleObject
Sleep
CreateProcessA
CloseHandle
CreatePipe
ExitThread

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

ReflectiveLoader

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ