Static task
static1
General
-
Target
nebulas_paid_menu.dll
-
Size
113KB
-
MD5
73f8773594a3104b788e4a26f690f636
-
SHA1
6ad75e16e2e648e5a9596fc03e74dc7adf5bad1f
-
SHA256
664da8f0f4bf4b8c09b18e21bb7704909082d01b802d7d6bac70ce262d6179de
-
SHA512
894fd01b026c642acd02513d8dfc809dbd01795cc1c936aa9d522cf9ed7828e4e11888f659a65a2bce7161dc39fc391c2ad4c207f311742bd9e0c0874a126db1
-
SSDEEP
3072:kNH9f4ysNvAn8qAwkCD1o3ZX2/sOaXGSu:kNH9f4ysGew/i
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource nebulas_paid_menu.dll
Files
-
nebulas_paid_menu.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ