849d9c6a5fc6999e1bc7a2fa6e92e7bdc2c1ebc4b9057cff5396e2fb341a77ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

849d9c6a5fc6999e1bc7a2fa6e92e7bdc2c1ebc4b9057cff5396e2fb341a77ad
Size

20KB
MD5

049572ce86c6e13842f5baeb8e8b9363
SHA1

5f5f65fc6e37a5b9e066297480f7b29a1a20b8e6
SHA256

849d9c6a5fc6999e1bc7a2fa6e92e7bdc2c1ebc4b9057cff5396e2fb341a77ad
SHA512

6afcbc4e362958d1a154a8140a0b716597966198d6b895cc07be4f524c20183ebc1b0a57f45c20ddd083084624e7176fdf7ede4c1f084bcae34d976dd5112953
SSDEEP

192:8Wx1azu/ihCc3kKRDDBZCkZFu67xO1U6k31:Nd/ikn0Cku67xO1UX31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
849d9c6a5fc6999e1bc7a2fa6e92e7bdc2c1ebc4b9057cff5396e2fb341a77ad

Files

849d9c6a5fc6999e1bc7a2fa6e92e7bdc2c1ebc4b9057cff5396e2fb341a77ad
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\项目\域名劫持\BHO\obj\Debug\msreg.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ