OnlineFix
Static task
static1
1 signatures
General
-
Target
Custom.dll
-
Size
3.6MB
-
MD5
28c87bb3b0a5ca2c9808e83993c3da03
-
SHA1
babdb64f468b6893b7798a166d484f1926ec599a
-
SHA256
c53e2fe707e0a58286c0ca7e15988c7e07a5c6609744465d5099131d115d4a3d
-
SHA512
106dfbded22dae2f0d10655ae555e9e7fbe5f5aa28f38a01879ee898dba3e7f7ccd5658d8670f5b1f922e3cd2a2a90d6d9c557f95da239ceb7b4cfe65508999c
-
SSDEEP
98304:5tqYopU5sN4sxMFCh2+cGjeQTBTb6rJBy7ZA9p:5tqYopzeS1hF56rJBy7O
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Custom.dll
Files
-
Custom.dll.dll windows:6 windows x64 arch:x64
a39f8804411fbeaeac2f4ef1a9ba1a83
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
VirtualProtect
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
MessageBoxW
Exports
Exports
Sections
.text Size: - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.of0 Size: - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.of1 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.of2 Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 196B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 913B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ