Çalışan İşlemler[.]dll | Triage

Sharing

General

Target

Çalışan İşlemler.dll
Size

6KB
MD5

568657a9030b5b1ad6fae3f752b5a759
SHA1

122355efce9c5f10d999d1edc237743e6211d497
SHA256

77cad0bf3d030b2c9c1de4469730b2520a1ecd9db7e9428930c9419f5cc99952
SHA512

02807beb88842794e23fc33ec2726258b9965a89c7cffdc912566ff37e4c8616bbdf88bbdb851197585af9be068868708f20c7839d8ab00e6776a877c0387057
SSDEEP

96:V3kmmxCmYh0Pzvhl6lLqUUswYmqTVlQXiubfKz50/0OQ0qwU090OzNt:/FePzvXGrwYmgybfO0/0d0JU090I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Çalışan İşlemler.dll

Files

Çalışan İşlemler.dll
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ