6f5e56e4b59faf1a910f642ada1a5b5181118962a246f9b94ad64cd36b2b9395 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f5e56e4b59faf1a910f642ada1a5b5181118962a246f9b94ad64cd36b2b9395
Size

233KB
MD5

c38d4f1a223be9832a05fae5bde6e8de
SHA1

def1258b2a62e4c35b938cbe833158792225728a
SHA256

6f5e56e4b59faf1a910f642ada1a5b5181118962a246f9b94ad64cd36b2b9395
SHA512

9f524174075618d784f3a314aa36744301aa3906a4cb690f6441b33542153890bf4d4945c1c27e7d4f4e02beccbc702fd8ec1c80a574a827fdb5657fbba274dc
SSDEEP

6144:Wt84W+7nXGvMTh/TB2z7nlhhFMlkE6a2VnkqO0:Wt1Wc2vM07nlhpvVnkn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f5e56e4b59faf1a910f642ada1a5b5181118962a246f9b94ad64cd36b2b9395

Files

6f5e56e4b59faf1a910f642ada1a5b5181118962a246f9b94ad64cd36b2b9395
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\source\repos\mhw-cs-plugin-loader\SharpPluginLoader.Core\obj\Release\net8.0\SharpPluginLoader.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ