Lskj[.]AutoUpdate[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Lskj.AutoUpdate.dll
Size

237KB
MD5

d860b33e140a713b457894178bd27e9c
SHA1

132d9b35bbbc148678c9acbd1b8a0b25ee26c26b
SHA256

88a6d82ac410a9ed4d4b2a644295af6faa0e54079a3f932981b1dbb2c693e30f
SHA512

a2564b658dadb4b8f59aeb9d95057d50f0b3a0561c60c4133eb1b7212efc1f3b8cbf2ea9da2cf1a8d204007c84e8b1dddc012cf072418ee8db52ca1d2d692a7b
SSDEEP

1536:PH+mpo4/RCXZUC3z6a20vFH37/3z6a20vFH37T3z6a2+:PHhpR/RCpd3z6lqr3z6lq/3z6l+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Lskj.AutoUpdate.dll

Files

Lskj.AutoUpdate.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\ERP_CS\插件库\Lskj.AutoUpdate\obj\x86\Debug\Lskj.AutoUpdate.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ