Query[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Query.dll
Size

104KB
MD5

ba56fdd70992b765fe6f9ff481c911db
SHA1

d78f84dd11059e678bf14883129aeb31c4e0cf8e
SHA256

e288760adacf8222a95f79fd3142afa1480690ebee1584195d946d294fcb9000
SHA512

f39c6a4cb46bc1746ae6a200a040be05c5ecc664703aaec9a27531d5f0b99c480932bd68e0d8bf3ecf41c84a6c09f9e23ce86003cce0b7d5c349293ef3c79b92
SSDEEP

1536:6vw1WdMnccZuZmxaiBdqQqrqzq8aToUj2lnZ9JwADgPx:6Y1DnPZuZmxaiBAtGOq82lnZ9JwADgZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Query.dll

Files

Query.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\XTMS\Query\obj\Debug\Query.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ