f23e11dcc8c356ffa408f70cc785cf1606a991199b9a96cf24c589d73c288f47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f23e11dcc8c356ffa408f70cc785cf1606a991199b9a96cf24c589d73c288f47
Size

52KB
MD5

ee0b9af227be731eae15a9523cea1ec8
SHA1

7c895082ad189f50ab71301cc50920b055ec8af8
SHA256

f23e11dcc8c356ffa408f70cc785cf1606a991199b9a96cf24c589d73c288f47
SHA512

bb7d957404b8348b37ccdc7fbf63e8a36ebedfd82adc8375a7a00b8101b9545d578f1219aa8dbf0a03ba0db236bd119fa7980c30b662a28589ac5c4d05492931
SSDEEP

768:h/zrjSvpmlwpdYidgTTOL04StaMfM/MPMXMMWPM+/vcx7T:Nzr+vpldYidgTTOXuakUQIQ9X6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f23e11dcc8c356ffa408f70cc785cf1606a991199b9a96cf24c589d73c288f47

Files

f23e11dcc8c356ffa408f70cc785cf1606a991199b9a96cf24c589d73c288f47
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\万达信息\TFS\HIS\FGHIS4.0\财务管理\医保系统\上海医保-五期\Fugle.HisObj.YBSH\FUGLE.HISOBJ.YB\obj\Debug\Fugle.HisObj.YB.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ