f5952258786528901e8290a9c2f475b677dbfd0c2dc23229a6c5c2ded8cfadc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5952258786528901e8290a9c2f475b677dbfd0c2dc23229a6c5c2ded8cfadc8
Size

63KB
MD5

6786e81c3924340ab86508d6c90751a7
SHA1

bc89b90875483f8e88b3d7435d60cb48aab36a4f
SHA256

f5952258786528901e8290a9c2f475b677dbfd0c2dc23229a6c5c2ded8cfadc8
SHA512

4544e48a906e7cf788d5559b160e8eaaaad09c3bf1cb3f2bd13c7d16bad83436226c54071459241a436dc80728336669f8d28f7547aa99b6f7d2642953a1ac67
SSDEEP

768:yMXj4SWEb57W7pgIjPfVVahkP4cTn8Zf0/wpWVZRpfzNXA0mkZ+eRpv8ZkTG5v+e:yu0SW+0kxcz8/pWv3zNw0mBeQZkTCkO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5952258786528901e8290a9c2f475b677dbfd0c2dc23229a6c5c2ded8cfadc8

Files

f5952258786528901e8290a9c2f475b677dbfd0c2dc23229a6c5c2ded8cfadc8
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.ViCon.Services.Wcf.SimulatorService.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ