ZFDWeb[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ZFDWeb.dll
Size

1.4MB
MD5

50b1e633cbd4ad735627c7d9b38ac53a
SHA1

4df61324bdb03b059e566ca93376a8eb30ae4456
SHA256

22da90de998c77f941624960a21ecea9c5e97ec06447f8a5a51af23ed0a932f7
SHA512

e233cf88e0437a517622abe31a6393688196e31d2c9a3023ff1ad0a75995f3a86b1e0175f4017c174ff51fafdaf9aa9c24e36399d9f038739e1ff89e90231a41
SSDEEP

12288:ZLha3JjGWL66gwLxrrXJfg/P9rkQI1p9vIxGvEykGHrTA3dAE26ItOd:dha3JKW+/+rXJSkQI1pJIxUfkG6LL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ZFDWeb.dll

Files

ZFDWeb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\项目程序\ZFDWeb\ZFDWeb\obj\Debug\ZFDWeb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ