Remotion[.]Linq[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Remotion.Linq.dll
Size

171KB
MD5

2a860e6aa87893978e723ede692d0003
SHA1

7409c9951a2707d307397103292043d6bdcd9be7
SHA256

d2167562190cd14dfaf3bdc4cb65c6efff0f464d8ecd08a4f1348ce5015e4ecf
SHA512

afaf176c79b6fb79c904cd0d0307aa05fc4bdfbdbb1e27480e6014b0402f299a7b4a7fd37af9179e52df1d2f5fe74482f7fc35abc995eada29d57757e8e7c53a
SSDEEP

3072:prAXdyWQ2ps/GG3G3/s+9hNnLJHWsfwqyW61FTllYK8RFGHo6nBbCbrKWP2Ukr/G:prCP9LosfzyW61FTllr8RFGHo6nBbCbt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Remotion.Linq.dll

Files

Remotion.Linq.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Build\bcde262d57a50c3c\working\Core\obj\Release\netstandard1.0\Remotion.Linq\bin\Release\netstandard1.0\Remotion.Linq.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ