SharpZipLib[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SharpZipLib.dll
Size

213KB
MD5

fd4c12b60fcd0111997f511750a4fe2c
SHA1

eb05c69a959cf23a8f513f41518d4821c5e74e0b
SHA256

fb11fc8d0f0f9eb3f2d37dbdba00d800d4f85707c9d4f2ae7be6573c9f87b971
SHA512

6056690c26b99f92efd840d38f2db5282f770ccf66fa28f7ef2e34d2f21a5db801a3f601a24688cf01b3ba348c7236bdf08f8a08a7f373071d4b61e71897c2e9
SSDEEP

6144:GRi7+ne07Q2U5LKumPPgW6hGwL15AC5DKvR:GRS7GgWQZTT5+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SharpZipLib.dll

Files

SharpZipLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\GoodChief\SharpZipLib\obj\Debug\SharpZipLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ