BusinessRules[.]dll | Triage

Sharing

General

Target

BusinessRules.dll
Size

184KB
MD5

a27a29eb05f4ee6f89663e2b4ddcc345
SHA1

2c153428be96814c8dcbca69e537887e82e52b8f
SHA256

9240caf5f3d0bc6fa2d38293644a68d4505fcfbb365f2b3a8cdb8a46197bbf6e
SHA512

6a0b914138e6e6688084aac2b653b1879e905a402d557186bee7a5fe5befa14c7641f7e05e57dfb34c844940d677dac7cfbd949078481e18514e0ea6ddedff76
SSDEEP

3072:fAgAnTo35BsF/mmmAmefaoCid5O6c29CaO7:ioJBw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BusinessRules.dll

Files

BusinessRules.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\ytsoft\Group\C6.Net\Custom\BaseMent\BusinessRules\obj\Debug\BusinessRules.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ