api-ms-win-core-libraryloader-private-l1-1-0[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

api-ms-win-core-libraryloader-private-l1-1-0.dll
Size

2KB
MD5

c8cac4447a0c93abd32ef6681380e371
SHA1

2be49a43ebe77172614aa54876673cd33f7f07d4
SHA256

7e8a06b017aab4e52c7c3a3fcbd401f22cf027e85c2a9f9515bcdb11b7598dcb
SHA512

74aa50bba4db6279273f854f13f987e77b4692a2a6aa8d7ba5ab9f4e361152c1610aca0fbafe9829737d675e6ab678f0ca2b05ab58d8a78a903d3bdca2a953be

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-core-libraryloader-private-l1-1-0.dll

Files

api-ms-win-core-libraryloader-private-l1-1-0.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-private-l1-1-0.pdb

Exports

Exports

QueryOptionalDelayLoadedAPI

Sections

.text
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ