ZrayComm[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ZrayComm.dll
Size

210KB
MD5

f26dafffa47320c517f907cb726c3e95
SHA1

0978610a038b23b52c76906ec4f32963d4c22186
SHA256

eab27db2434a39d77a19bad14cec1a0dccb9f6aed6c55405da38035614ae6f96
SHA512

d9d1495607b2815dff6fc867afd4aa4cd0058db21b3016fbfd7390aec1e16c0de8ed835ca42b09eb428d5fc7780ee0ab2d56848b1326fa2acc66556c07056d8e
SSDEEP

1536:SMpUA0ewtQuT3j5UZSc524Put8l1ImG/5RfzSZUhKm:SM4ewJa1pk8l1ImG/5hWxm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ZrayComm.dll

Files

ZrayComm.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\workspace\202311.乾通达物流-WMS二期\10.PRJ\winform\ZrayComm\obj\Debug\ZrayComm.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ