63404b862509acc5b95bdf2847a5d7ceedd27733b0a33c18035f15227f340a3b | Triage

Sharing

General

Target

63404b862509acc5b95bdf2847a5d7ceedd27733b0a33c18035f15227f340a3b
Size

15KB
MD5

d28c12a22c7e21e5276ec6b90d704534
SHA1

3039b70cf21e3d216eb0772986a33c9d1ea6396c
SHA256

63404b862509acc5b95bdf2847a5d7ceedd27733b0a33c18035f15227f340a3b
SHA512

f3c31db42ca2f9b32a88111339ce74e235ce0415d0fb662b2794526fce438cd48fadc2949dd61b616df6d9d6d8512fa166a89776612f0bd80f96c262ff760d24
SSDEEP

384:D9OFV3TY7PocqfA1kZIQgZdhc7WLJWWJ:hOWeqHN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63404b862509acc5b95bdf2847a5d7ceedd27733b0a33c18035f15227f340a3b

Files

63404b862509acc5b95bdf2847a5d7ceedd27733b0a33c18035f15227f340a3b
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

K:\dbs\sh\e16dt\0921_070734\cmd\0\sources\Dev\Performance\src\ExLogAnalyzer\Analyzers\RestLog\obj\amd64\Microsoft.Exchange.LogAnalyzer.Analyzers.RestLog.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ