ParadoxFREE_V1[.]0_OBFUS[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ParadoxFREE_V1.0_OBFUS.dll
Size

153KB
MD5

be2dd359a32e20ae9a57d8ab3ab10893
SHA1

e1b5bb2c7d5312eddf731f038542cdeec989b993
SHA256

20d31c74e8cc9b4e117539149cca83b32c5c432dc133682520ee1c70b8e7e45b
SHA512

e8d00698ce2fcbf6a0876b1051836edd9ca7d230fb22df64b0f80091bc4496ece2f483ca52af88d964f300f03ac6e18623eb24504cc8c601ed1770ebd7288751
SSDEEP

1536:Ys+vhGupA9/FAeiLHptNW9b/ApmyK9XieypTaQ4IHMxlXVs2K:YBvhGupoMnU5iig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ParadoxFREE_V1.0_OBFUS.dll

Files

ParadoxFREE_V1.0_OBFUS.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ