524726862f258dceee53454a40c055f208e783ec3989dad85c6bf845524bac7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

524726862f258dceee53454a40c055f208e783ec3989dad85c6bf845524bac7b
Size

23KB
MD5

ace1ff3213a8d3995eb66dfe28090564
SHA1

b966fc20f8e8f57e3d7e7407fb72ecb475a965a7
SHA256

524726862f258dceee53454a40c055f208e783ec3989dad85c6bf845524bac7b
SHA512

d5eb18404530cbb5b9e7a5975746ca3a44ae8e190b0a321089ec087b1dceff09d2588ce266e3e95b522ae62b86a2e867ada69af5d9b84ce684269024f36c7798
SSDEEP

384:/nZni1+qoxXyxZ0zsFMnNfXkVld9xwH07:fpifxjCNfX0v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
524726862f258dceee53454a40c055f208e783ec3989dad85c6bf845524bac7b

Files

524726862f258dceee53454a40c055f208e783ec3989dad85c6bf845524bac7b
.dll windows:6 windows x64 arch:x64

74abd25a7ee82ed1dba6d64d69639ecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\vko\source\repos\Bitbucket\quantm_develop\develop\Quantm\Common\COMComponents\CrossSectionTemplates\TemplateEdit\TemplateCSTEdit\x64\release\templateCSTedit.ESA.pdb

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent

Sections

.text
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ