2fa35a472dc8ec0c6b3a8540a756d1d59d76a70ff8463b2728af3629247bbf00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fa35a472dc8ec0c6b3a8540a756d1d59d76a70ff8463b2728af3629247bbf00
Size

3KB
MD5

2bce74e3fc39f9988c0a71cc22ad8ef1
SHA1

d4d5392b3ec409c7461dab04034e2b4ff54c4da8
SHA256

2fa35a472dc8ec0c6b3a8540a756d1d59d76a70ff8463b2728af3629247bbf00
SHA512

5604d440c02841333d9b3d886839d966c4ecd8849ea7e91fd9bf6c2fd650983fd25f16c7b2e03a4a791c0ddbfe6dce15e5ae8136721eb05bd1f2059d2d7cb213

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa35a472dc8ec0c6b3a8540a756d1d59d76a70ff8463b2728af3629247bbf00

Files

2fa35a472dc8ec0c6b3a8540a756d1d59d76a70ff8463b2728af3629247bbf00
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ