Ywt[.]Atten[.]Logic[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ywt.Atten.Logic.dll
Size

30KB
MD5

74d75ffc6d60c026888d54fac1bd29c7
SHA1

a36a56bc42afc0fe4f178cdb277984bc5e79ca88
SHA256

8aab2f09d076efabff7ff77cfb244fdd47530a6f79424a5e6e4118bc987b140d
SHA512

27c6d55aab3206a61172e8f3d8f30ab97e9fee357ade9fa6993763b2d84d70c9f91d4e7db96b981b23705647ebbd45922f505723d7e154ecc119820308d83396
SSDEEP

384:ade6cKaRqmrInL0Tty06ZjTvdxckO7K+n0Wh2WrQo4ChUXaFCct:yB1VTlxOJn0Wh2W0o4Ch+aDt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ywt.Atten.Logic.dll

Files

Ywt.Atten.Logic.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\work\智慧工地\smartnetcore\Ywt.Atten.Server\Ywt.Atten.Logic\obj\Release\Ywt.Atten.Logic.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ