b31310141d7a1a81a69426f230a4ef54366dbb745e6249237ddd9b68be2f6a51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b31310141d7a1a81a69426f230a4ef54366dbb745e6249237ddd9b68be2f6a51
Size

99KB
MD5

62261f0dfbe064ef8f532ac7505b3f65
SHA1

ca1bc2dd5ad5b257176239b8bd1dc1afcb7f7aa9
SHA256

b31310141d7a1a81a69426f230a4ef54366dbb745e6249237ddd9b68be2f6a51
SHA512

849a9e97de9115c3c9403677f1f67a6c7ba0ffbfac5a74a94cfabe9d8f46f0b4d220543cc8479e1d6e1a72225cba920bf5b58675f3cc1ae20de803b1beb13400
SSDEEP

1536:vJIwy+jtHytGHPxD4TQLFvY+ZmncVrAxSarxTQzOfBw:hy+1ytgD4TktY+ZmncyzxTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b31310141d7a1a81a69426f230a4ef54366dbb745e6249237ddd9b68be2f6a51

Files

b31310141d7a1a81a69426f230a4ef54366dbb745e6249237ddd9b68be2f6a51
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\Pc\4-SourceControl\Trunk\FetionVM\obj\Release\FetionVM.pdb

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.extrel
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbgmap
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.il
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

cfwhtx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 78KB - Virtual size: 78KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE