4930defd08df7b6cb3b8d0d6b328f5190b87abf860c3ef2c172c53bd70cb841d | Triage

Sharing

General

Target

4930defd08df7b6cb3b8d0d6b328f5190b87abf860c3ef2c172c53bd70cb841d
Size

3KB
MD5

186fcfa400c660156a0693df857a5583
SHA1

e7364f5e7ddaa7d401d2bc03a6f4c50d5e625778
SHA256

4930defd08df7b6cb3b8d0d6b328f5190b87abf860c3ef2c172c53bd70cb841d
SHA512

0b239b6e47ba6a8ed721375852a1841c61c5ebcf3f79b6e9408dbac0709035320fa84d003d0a7a3eda9408b63fa87a0626767d8d88d987a681e49c84eda3c370

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4930defd08df7b6cb3b8d0d6b328f5190b87abf860c3ef2c172c53bd70cb841d

Files

4930defd08df7b6cb3b8d0d6b328f5190b87abf860c3ef2c172c53bd70cb841d
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ