Cosmetx[.]dll | Triage

Sharing

General

Target

Cosmetx.dll
Size

14KB
MD5

6bf45a8a45385233cbf5f600a2529197
SHA1

8462638d1f714291d609c92b92f7e1a0cf43fcd9
SHA256

dd01f8ef35b285641d0864d9a89a2a3251fa4f87eaf8193faf69acdd9ff02938
SHA512

e86ba9f470a33c17a02c66719de7ee497802a30ec7b04f3a6ded384fae9e5ead45520c8b2df512a4891bb385f7be765b2518415d60d667b73f4605e555b178d5
SSDEEP

384:Qrei5yw+7uiHoF4dZhQ1EePvTwMV5HcZwwtmHSRmE9b+:QrB5k7DoF4UTTkZwOmSQE0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Cosmetx.dll

Files

Cosmetx.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\github\Cosmetx\obj\Debug\netstandard2.0\Cosmetx.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ