D:\OverFlow\Overflow\obj\Release\Overflow.pdb
Static task
static1
1 signatures
General
-
Target
overflow_january.dll
-
Size
107KB
-
MD5
fa55bc65a2810193590e4ea96605be8a
-
SHA1
b62b2f5717b7f2cca90a09135094f02c3a277516
-
SHA256
b946c02cd33942b3ad00c1c6df5dd7d69da6206608fecac2c3c30abefa131a09
-
SHA512
37f7047f85634fd7f90f1c94e6d9296d0ad966cbb64fbdea683826abf3789cf7f0d2bd7e57f26a6510dc7155c9b0fbddb1ec09c6de0a819caf243d7f3803473a
-
SSDEEP
3072:dO7gUWDA41pHVXZFFEyR1FzhEBuO62tZ1Xc:dRHVXGyR1Fh1OXtZ1
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource overflow_january.dll
Files
-
overflow_january.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ