ap-file-ir_ouktwwinres[.]dll-1071363386[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ap-file-ir_ouktwwinres.dll-1071363386.zip
Size

61KB
MD5

4a6254ba40d0807557fc53dcefb4bade
SHA1

183eb4a42e0d2be1ff4068b8c230b027ec0940bf
SHA256

228c48af0c640fb50e878afb91f1a110026185d656d25ada13f89db60334e2e2
SHA512

43c300b9d734d4ef2ff88bc715c252f43710867a4d005d2262e479b86bb4cc3b20bb3a5481404bf264ea61b389ed348d763329366d492dee4749f63a4a9a7918
SSDEEP

1536:QM/RKcjBtcfUAeUHKPuOsJQnUNS39uGG78LzIZ:QwRKRBeUHKPgJQUGAGGg4Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ir_ouktwwinres.dll

Files

ap-file-ir_ouktwwinres.dll-1071363386.zip
.zip

Password: cautionhandlewithcare
ir_ouktwwinres.dll
.dll windows:4 windows x86 arch:x86

Password: cautionhandlewithcare

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ir_ouktwwinres.dll.METADATA