32dff1be3a30bd48a04d5dc3e1abc8496b6e4fe6617691d39df642c1b9dc80c1 | Triage

Sharing

General

Target

32dff1be3a30bd48a04d5dc3e1abc8496b6e4fe6617691d39df642c1b9dc80c1
Size

304KB
MD5

b88920f03adc5f33bce65e2959bc9579
SHA1

31f72171775705043d6ea85d9b8a2675945cc01c
SHA256

32dff1be3a30bd48a04d5dc3e1abc8496b6e4fe6617691d39df642c1b9dc80c1
SHA512

389b2e7a2bd1b7d443189fb70bcc9ac1b099c633dbb0662026f7e0ca36ac410f550a26ea334540c333591914f42c841013104af02bffd1f178e507a64412c5f8
SSDEEP

6144:rF85Ue5uTh9thhcpcCJOiZQi33wuz4UT:E09qvguz4UT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32dff1be3a30bd48a04d5dc3e1abc8496b6e4fe6617691d39df642c1b9dc80c1

Files

32dff1be3a30bd48a04d5dc3e1abc8496b6e4fe6617691d39df642c1b9dc80c1
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

J:\.quickbuild\50826\Flux.BendAdapter\source\JobInterfaces\obj\Release\Trumpf.TruTops.Flux.BendAdapter.Interfaces.JobInterfaces.pdb

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wibu
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ