Erp7[.]B2C[.]Option[.]dll | Triage

Sharing

General

Target

Erp7.B2C.Option.dll
Size

752KB
MD5

283a8184fae83a55a60d693f84714885
SHA1

e736868044594d0caaa7c870db46042997a4f143
SHA256

f83add2612b661ce68123f443a9408b451753f879914eac498beddbe6fc5b63b
SHA512

ac282f0c66e5f8c2f0a96bd56fa873320e1707377c6710b5c735ce33e7d69f048e19dc211bf5d4c3b2e871b65ee350dc29daace6afbedce5507aef4ea7098690
SSDEEP

12288:mt9mjkzZG9yfB/HqNsANZtgA7gw/xhd54cglY:Sp/KbZaAhbNgl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Erp7.B2C.Option.dll

Files

Erp7.B2C.Option.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

H:\DotNet\ERP7.NET\Hanson.Product.Erp7\B2C\Hanson.Product.Erp7.B2C.Option\obj\Release\Erp7.B2C.Option.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 750KB - Virtual size: 749KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ