80c6dd2619200535004103c42808ef3e5d5e94ac590656ba146d8758a0161167 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

80c6dd2619200535004103c42808ef3e5d5e94ac590656ba146d8758a0161167
Size

18KB
MD5

07e2a0fafb4316769b40cec1a62cdc12
SHA1

96958fa87de4916e449e937503a7e3e71972a772
SHA256

80c6dd2619200535004103c42808ef3e5d5e94ac590656ba146d8758a0161167
SHA512

43893496e9f4d2dc585ac3a6ead27714b4caf9759b31ffa7be9d271613867fc45ec5a04181e55d9eb274033277229b4a3d93222060b66880cd549cee65e03655
SSDEEP

384:CFJHl33S3ktEui36FYUgqfzF3AojjGgd+56Ogd+5nlAL9/:CR+aYKfzJ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80c6dd2619200535004103c42808ef3e5d5e94ac590656ba146d8758a0161167

Files

80c6dd2619200535004103c42808ef3e5d5e94ac590656ba146d8758a0161167
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\RX\Storage\nn48\git_repository\base\HRPro.HRProWredSolution\HRPro.HRProWredSolution.Client\obj\Debug\HRPro.HRProWredSolution.Client.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ