Erp7[.]Pos7CE[.]BLL[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Erp7.Pos7CE.BLL.dll
Size

37KB
MD5

ea4e10e02e6127d0fa911dd77a38186e
SHA1

2ea1e7b3612f7149c3a907cb8548f75c387a8e3e
SHA256

632923fd7a44f584767723b4802c3cfc02c2b69c489b2b9080e71618eb8a89ff
SHA512

7ace15d33884195de13bf3f2e73712454aac36e338d5087e9ebd751755081a83c02e6fc4c52d5fbc3273fe9315d4303b050a00c7637cc3c641803ec45897af98
SSDEEP

768:quSbnvumhauIwugpoxSevhB+jliIRGnQhK/eur97:quSbnvum3IFgpCn9eur97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Erp7.Pos7CE.BLL.dll

Files

Erp7.Pos7CE.BLL.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\DotNet\ERP7.NET\Hanson.Product.Erp7\Pos7CE\Hanson.Product.Erp7.Pos7CE.BLL\obj\Debug\Erp7.Pos7CE.BLL.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ