TeamServer[.]dll[.]3 | Triage

Sharing

General

Target

TeamServer.dll.3
Size

11KB
MD5

692b28dd5aad326d2ad90c8ddada1d8c
SHA1

4540fc04f91f197dd21f8a9b2fdf4e55abcc1665
SHA256

bf7319d95e82220f5d21222105402adc2803d030d4e521b54f58ee6019fbfd95
SHA512

dcd612d84c7a688008916c768f5ddec55cb1fe30f65062ad36a0b669d9d0a2937a11ac09f61c842174a343a0af907b449eae42084592b1b0cb5a4c6164b1ef3a
SSDEEP

192:QDPdLPl7pXYrBsA20+hl1kEpEtFmpQHOM8+9:MPdABJ20+hl/EnmpQHO1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TeamServer.dll.3

Files

TeamServer.dll.3
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.mvid
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ