d15a3a3f1d68b68affb14a00dfc3d05dc23a1fe3a50c3e2edd34d489423cb1a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d15a3a3f1d68b68affb14a00dfc3d05dc23a1fe3a50c3e2edd34d489423cb1a1
Size

92KB
MD5

54ac5d66d33eacbb9daf67c62fda6d67
SHA1

47f73eb3640147a4a29441658195a27cb1aeb67e
SHA256

d15a3a3f1d68b68affb14a00dfc3d05dc23a1fe3a50c3e2edd34d489423cb1a1
SHA512

47b1f75599f41c1531f55eee366e33ae853d3c6711ab38749a4fe05001034d198b4b8e7958c44ff5efa250c26c56e90570733dca88ecb3fe3078020d0dbdc116
SSDEEP

1536:loFDUTJG68abRsEbc6EDD4cEcyqdJLJ62tDo:loUTLxbjED0cTyqdJLJ66U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d15a3a3f1d68b68affb14a00dfc3d05dc23a1fe3a50c3e2edd34d489423cb1a1

Files

d15a3a3f1d68b68affb14a00dfc3d05dc23a1fe3a50c3e2edd34d489423cb1a1
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\e16dt\0426_185856_0\cmd\1b\sources\Dev\Performance\src\ExLogAnalyzer\Analyzers\IisLog\obj\amd64\Microsoft.Exchange.LogAnalyzer.Analyzers.IisLog.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ