RedbullKSA[.]ArchiveLogs[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RedbullKSA.ArchiveLogs.dll
Size

8KB
MD5

60b33a6a4ef63067e0f23887f0913be2
SHA1

ac4c4bb5bef6b516be5f2c717fb0daa5cdf01acc
SHA256

f271cdff3081d5ce6a56e736a7d72a4a8b2400c750ab1684566166960639b5d6
SHA512

644951509808bedb6acfa3b0101482f9b8e1abd736461b38ca9b728890d2cb0766c9995653d255f51bdd2d6acdf2dc86712365ed574bc7b3299f0f11293d7b36
SSDEEP

192:hAJ4y3wUZb/jbDInODqEuh7Yi/TkWFKVxjRHK5PDD:SAAvbDNDVulYkTO0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RedbullKSA.ArchiveLogs.dll

Files

RedbullKSA.ArchiveLogs.dll
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

/opt/atlassian/pipelines/agent/build/RedbullKSA.API/RedbullKSA.ArchiveLogs/obj/Release/net5.0/RedbullKSA.ArchiveLogs.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ