488aa18a8c5aa3f2663a3710fe6fa4720b479552546b276e0b59fb929b6791c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

488aa18a8c5aa3f2663a3710fe6fa4720b479552546b276e0b59fb929b6791c4
Size

3KB
MD5

c202372842f38658d53eacc10dd71ad6
SHA1

21226f1bd570aa71142ccd32b3a056b43cb6b1c5
SHA256

488aa18a8c5aa3f2663a3710fe6fa4720b479552546b276e0b59fb929b6791c4
SHA512

26381d6065dc0151d3c6f8e506a9195aebaffc5e37725c1ec02278f5355a1525a859a81b92c24863722faf6db34b51b80199b54bb32cf23a5ea47980dbb30a71

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488aa18a8c5aa3f2663a3710fe6fa4720b479552546b276e0b59fb929b6791c4

Files

488aa18a8c5aa3f2663a3710fe6fa4720b479552546b276e0b59fb929b6791c4
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ