1208-58-0x00000000001A0000-0x00000000001A6000-memory[.]dmp | Triage

Sharing

General

Target

1208-58-0x00000000001A0000-0x00000000001A6000-memory.dmp
Size

24KB
MD5

a57339e9c75d9ea07fd04132ac03be84
SHA1

570adc5de84303c3ee53a2580884d2ab39fb8a31
SHA256

fdb8c0e6b25aac2bdd3c28521dbf250077aa2ff3680777efbfb9fdaf1145828f
SHA512

d70107f4adb46e6fbf0d4918745733bc3b70ab9dec0443a54e21b0414e8a1a1055651bc06442a957f511c9ccaef8c1733d102d28e67aa459212e070a11aae59e
SSDEEP

192:prmxcZTpumdJmBep/jnsR7FZjRCuiClbAqg:pBlmBeVwFJcClsqg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1208-58-0x00000000001A0000-0x00000000001A6000-memory.dmp

Files

1208-58-0x00000000001A0000-0x00000000001A6000-memory.dmp
.dll windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_DLL
IMAGE_FILE_UP_SYSTEM_ONLY
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 96B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ