de13437e21678c2e9d5c810b819c06f27e7e1df421574cbd1c8cc1eba6eb09a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de13437e21678c2e9d5c810b819c06f27e7e1df421574cbd1c8cc1eba6eb09a8
Size

402KB
MD5

3c5079266c637e3edf892e888557183b
SHA1

17f5918f86d8220c194cc38c9f1e6fc59fbd3c1c
SHA256

de13437e21678c2e9d5c810b819c06f27e7e1df421574cbd1c8cc1eba6eb09a8
SHA512

df32db126ab94316f13e0d8035a0d41a7964c6a56ec495d77935b013d1b6844c9663a379b4c2b2f4440a6d313b3467858dbeeab757bbf891e9c6c130284ea764
SSDEEP

6144:MQN0fc5sy89jdaihhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh+n0On0odxfKM72Oe:l0fc5mdEqi/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de13437e21678c2e9d5c810b819c06f27e7e1df421574cbd1c8cc1eba6eb09a8

Files

de13437e21678c2e9d5c810b819c06f27e7e1df421574cbd1c8cc1eba6eb09a8
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

J:\.quickbuild\50826\Flux.BendAdapter\source\RESTFacadeInterfaces\obj\Release\Trumpf.TruTops.Flux.BendAdapter.Interfaces.RESTFacadeInterfaces.pdb

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wibu
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ