Eggsploit[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Eggsploit.dll
Size

1.2MB
MD5

4fd9a2eae33f9a963b7133242ee9b6ba
SHA1

e84497b01e168d589c16218c80ce8db468fae726
SHA256

f66905e2fec840ca81e33b1a2bb51d67af46f472b52cc0a65fa1701501580f1a
SHA512

869909794d9dd441b4b726743ab2afdeb2cfaf364175565f8b7bb357e3fbe85e9cc6dde691b17d46d4e76ce73a462a8d9f84f3e386a16fc10a6bb2b0e53da44a
SSDEEP

24576:OaVb/jHdk9awp968qXThlqOzn5DEOpCQmVUBY1rXJnfx0hoiPk/:OaVb50/6h13oOkVUBiJnShoi+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Eggsploit.dll

Files

Eggsploit.dll
.dll windows:6 windows x86

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

skneulrk
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zmsfuoxp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE