9f92b003049b391f40490d8eaf63f0f98d6bf4ff361967320e79622176946c69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9f92b003049b391f40490d8eaf63f0f98d6bf4ff361967320e79622176946c69
Size

8KB
MD5

92f090dd8e089e3f63657bbc643808b0
SHA1

0f3db3901cb870aa19ae9d332e742296192a27e1
SHA256

9f92b003049b391f40490d8eaf63f0f98d6bf4ff361967320e79622176946c69
SHA512

973f750f6c1c4246eef0dc8f713057b081e0c982c2e893521abd0501ed2cf6418e1839d61bbe4a6a5644ca4668f1b30bc78b445db34e637996e162727592b48e
SSDEEP

96:kIa6O6oAf8HUxkvqvNQHgp/Q1GA0fFA5NdYTxdL6X3Ny1T2Hgp/YaBWZ5PeW4KQT:m6zMc8XE6tWHWZ5PeWJDS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f92b003049b391f40490d8eaf63f0f98d6bf4ff361967320e79622176946c69

Files

9f92b003049b391f40490d8eaf63f0f98d6bf4ff361967320e79622176946c69
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\dbs\sh\e19dt\0427_153305\cmd\y\target\dev\messagesecurity\Microsoft.Exchange.MessageSecurity.MessageSecurityMsg\retail\amd64\Microsoft.Exchange.MessageSecurity.MessageSecurityMsg.pdb

Sections

.rdata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ