G:\Vs_Workspace\LP\lp_gzh\HISForSilverMedicalInterface\obj\Debug\HISForWeChat.pdb
Static task
static1
Behavioral task
behavioral1
Sample
HISForWeChat-备份.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
HISForWeChat-备份.dll
Resource
win10v2004-20240508-en
General
-
Target
HISForWeChat-备份.dll
-
Size
60KB
-
MD5
9b8973a5032c6a1ba79dfae6489fe38f
-
SHA1
dddbff81113bc0cad408dc1d48b5a3fcc0f75b96
-
SHA256
466127508eb20935a0833afd3056bcb3a8777399fb26ca258162cfbd10130fc3
-
SHA512
d8721e7d7833891862d09f513a946df144e6d6c9202edd2f305fefff15801fe99be4db6a0aac44b2dfae9fb5783c02b1032ab4565a2d3906a318db7b05c876a4
-
SSDEEP
768:VJbP0kOEmXgGM1ym+YtpCdVMToYaRulXdpnYDSZ285KicV0hkp7m3:L7YXqyZYtpCdfypYa2Ocuhk4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource HISForWeChat-备份.dll
Files
-
HISForWeChat-备份.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ