Urovo[.]Service[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Urovo.Service.dll
Size

29KB
MD5

2b19c5ec16f87778ced0d6b2e2562d7f
SHA1

9a883c2c4288fa5c40042d969ccce324d8529da7
SHA256

587a30f582e58b31008924ebc52da1b7641d526043923dcbfe27875542e98673
SHA512

70e2c9cb6e59c03b35c7ccc04f0d2ccd11afeab1f19a5913ad5da6ef4c88d0e5a7fc40ed096b83432af6d1cd305cc02c53032062879390e7e980d815173c2291
SSDEEP

768:wDzctCekvnPS9zySOWz8pild9G2Xm8WGZIV:w9ekvq9eSOWz8pM7XmwIV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Urovo.Service.dll

Files

Urovo.Service.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\software\workspace\visualstudio\PDAService\Urovo.Service\obj\Release\Urovo.Service.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ