MO[.]MSSQL[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MO.MSSQL.dll
Size

86KB
MD5

1cc8a2258f04ebf92db1f3f84e9f5fb4
SHA1

6ad1ea5ed38801fecd8f21e0e2855c48248df05a
SHA256

798940baa1f4ec47026f7abf1a3b5abf9731531c0654d268a6e6a0c7d5805c33
SHA512

b78679d9e9549ff939d6e75ff7c532555887ed5be7756743fde0577ff0b00e4213cd685b7c06aa103280f8b30cb270942714e83dc8e50d7b038d90e442d99f46
SSDEEP

1536:vOXXqu7WLb78zewU6ALsgsxIgT6JEYhjvjvypceq22FZfSBM2:veXd7ewRA4gsxIgTMEYhjv+ceq22FZfc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MO.MSSQL.dll

Files

MO.MSSQL.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\Personal_Local_Project\MO.Lib v4.0\MO.Lib v4.0\common.net\MO.MSSQL\obj\Release\MO.MSSQL.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ