b839beaaff876ac9568604eb4d07ec1d23e37dd0f594562de18e020f7ebc24b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b839beaaff876ac9568604eb4d07ec1d23e37dd0f594562de18e020f7ebc24b5
Size

27KB
MD5

42d0b486b84c0c603ba923bbde42b760
SHA1

bd98a06f27f296f995c08a78e79fbb78ab5ef670
SHA256

b839beaaff876ac9568604eb4d07ec1d23e37dd0f594562de18e020f7ebc24b5
SHA512

557b69e01b2572f62138cce817fc0b97de681ba29591f80cfc0ae0e6e3bd061d3fc35531bae82708825fe95ffcfc8896b22c9242b67880fa379450b9157c594c
SSDEEP

384:52OitgmPYAl0R3AFPQid0LUSt9p3ypTYHHKWbQKbiRS+1LeE7Gy/5cQTjN/y9Uud:gOUl0V2PJSoC9xykHKWEnRSW9vcd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b839beaaff876ac9568604eb4d07ec1d23e37dd0f594562de18e020f7ebc24b5

Files

b839beaaff876ac9568604eb4d07ec1d23e37dd0f594562de18e020f7ebc24b5
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\Desktop\Chillet\Client\V4\Client.Helper\obj\Debug\net472\Client.Helper.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ