AddIn[.]KX[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AddIn.KX.dll
Size

44KB
MD5

182e7a02cf90919122d96147f078018d
SHA1

ba959d1e178b9cb52cfdd0fd3dc1776734814eff
SHA256

baa9b792bf08059c9af4d34290012ce0daeafdbf40cf009b920de3e7d3891bfb
SHA512

b5a277fd9d1ab69fc2f0e3e2304ab0ce14031e219eb93e2a220de1bdd3b21f9ba26e427c2a6b5e98e2258c7be6eeed417ff5785ae07ddc8d41df56d895259022
SSDEEP

768:ffH2pXbAzxW3BFW+xrgx0GR8pQSb8vA+eGYCjwpWtOS:fuprlBMaG5SUA+etCjwpWtOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AddIn.KX.dll

Files

AddIn.KX.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

g:\YanglidaoWorkSpace\X9Ver1.0\mes\AddIn.KX\obj\Debug\AddIn.KX.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ