EasyFAS[.]Modules[.]DataContract[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EasyFAS.Modules.DataContract.dll
Size

1.4MB
MD5

7c64fbd0f5cc78cb76ffb1d46359ef74
SHA1

0ccb961643864f7237a2394e460b628c8b4d9315
SHA256

c56c24d9daa1140720ac9e5a93726edba277c87441201063c2a53995871c8cdd
SHA512

11f5784b6b6d35988bb95e6ffbf272e84c13bdcd25924116fe23348bbfb72461b1dd8a820984b572d383043ad0d5a0f5c68b7118249042fbfe617b864df87cf6
SSDEEP

24576:Qa8cV9L4wl0POSfpBuTiN6zkT0NHI87c3WiiUWV7oK8ySsVQBKC23L6eQk2VO8+N:XjSBB23L6eQk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EasyFAS.Modules.DataContract.dll

Files

EasyFAS.Modules.DataContract.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Product2\IMES\trunk\Modules\DataContract\obj\Release\EasyFAS.Modules.DataContract.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ