EasyFAS[.]Modules[.]ErpProviders[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EasyFAS.Modules.ErpProviders.dll
Size

21KB
MD5

e349cd33abe43bf4c44a59a0581738c5
SHA1

1b29c8f1c6ea1eef739d4491a951492ab1d7a937
SHA256

6a11727c6e9ef6d645a98e2243d76716dcac80d2b65601b67933ef2d56d0864b
SHA512

aa445574be9630e690c5f2fc588fcccf3bd5f4e893fa426240ce5c5584acc890d63214c8729004d21a71f2918879830b86e988e6b9588e32ef78fe56c8d018ed
SSDEEP

384:8Y+sy1bCkIpM4XUTCz1iOuBcHh7YxgVB5s2DlVzZFAat4q5kafk:8/CMa9HuBczn+EpKykas

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EasyFAS.Modules.ErpProviders.dll

Files

EasyFAS.Modules.ErpProviders.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Product2\IMES\trunk\Modules\ErpProviders\obj\Release\EasyFAS.Modules.ErpProviders.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ