AudioDeviceCmdlets[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AudioDeviceCmdlets.dll
Size

44KB
MD5

5389810239311ad2c441132dd4669fc0
SHA1

46e4f8308265e68a2ee7e089221c689b3ca0394f
SHA256

ba6c7669dc6355ccdb549c03cb4872e04fba5d6c181e60c4636eb70fafce1bc5
SHA512

48336ef62f8139f0aabbe73746448c68696c0160fb55999c3f3a9a85f847e6a8ef399ca9f35db14b59854ffa55ea4259dee0a83ea17956e88e7936b81c323b71
SSDEEP

768:VyizBCdTaUyi6wg3FXPOAIHT8/pg2c6wex5kOXRknh7uWXrR:Aizwmi6B1Gz8uydknhZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AudioDeviceCmdlets.dll

Files

AudioDeviceCmdlets.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\franc\Source\Repos\frgnca\AudioDeviceCmdlets\SOURCE\obj\Release\AudioDeviceCmdlets.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ