fa94c7c33d5808346efb3b66e09577536308d80b6b1e00317b21e8fe44e466d3 | Triage

Sharing

General

Target

fa94c7c33d5808346efb3b66e09577536308d80b6b1e00317b21e8fe44e466d3
Size

63KB
MD5

b79bdad7da110597811d60d35aa23ca5
SHA1

2635264c4ab014b60ab74abd73ffa53d61e8e7f9
SHA256

fa94c7c33d5808346efb3b66e09577536308d80b6b1e00317b21e8fe44e466d3
SHA512

7bb1559f27a4c990c849435985b37b6a98407469383c44e7c7533954e3ee09ece67e2f93dfd8453c2a4c215d74fa727a723cb126bfd24c3a66c601e33a0be3e3
SSDEEP

768:ABMZ0mmu1XXh/H/QlN2rKkraDPiPfSbzz1J56Q36265uTO0cz8XnCm2hnddq/THj:OMZ0duYMu8SzB4rz8ymqWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa94c7c33d5808346efb3b66e09577536308d80b6b1e00317b21e8fe44e466d3

Files

fa94c7c33d5808346efb3b66e09577536308d80b6b1e00317b21e8fe44e466d3
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.Core.Enums.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ