Static task
static1
General
-
Target
GorillaCosmetics.dll
-
Size
39KB
-
MD5
818dbfb6b93ef8a382d71d2fbb6d4eaa
-
SHA1
c0f55803cf0712612c5c556a4ebbe9069fb49e81
-
SHA256
7113a97fd108a23aed1eaead4cc30f4eac52003e88e97fadafb1a4fa957c13f4
-
SHA512
d7cbd756086b2ac9e711236014bec71bb8a43d2ceb28d96f0c882b1afc3adc953c682cb9190cbf39a71625e92cba64561ccd6fd04cbbccb7117984047448fcd5
-
SSDEEP
768:16xmTvgfL9oQmryplBTZxRuQl/WuiLgklqIuOqeUKHeOzpjZY6fY:1zSlBTZxAQ6QHKHBpj1w
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource GorillaCosmetics.dll
Files
-
GorillaCosmetics.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 876B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ