HEBXB[.]Mgt[.]Gjat[.]dll | Triage

Sharing

General

Target

HEBXB.Mgt.Gjat.dll
Size

46KB
MD5

7ac9c211b3ddfff997607a419d020cb9
SHA1

4833a806bdfee3ced482cf8d59dee4c5c6d943a1
SHA256

e6b90344e42551e0449219a3e9e19ca52fa9adbe607932ef40fca58feba76fba
SHA512

b7acc1992564984492263ffaf2963befa4120fc507a67a411ae0ffc5ba65f415bbc958a6914d3017f4512a02089a91f9173727c63c2127a1d0a953f0ae92e70c
SSDEEP

768:zmtwbrfXtCEaF8gWV8HiEj06OYii493xIPm:itkDtCHiEiUjK3xR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HEBXB.Mgt.Gjat.dll

Files

HEBXB.Mgt.Gjat.dll
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\01_Net.Project\04_WebSite\branches\06_HEBXB.Mgt.Gjat\HEBXB.Mgt.Gjat\obj\Debug\net7.0\HEBXB.Mgt.Gjat.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ