5b4e101942d6c2da67d7f22a3c21dd248a62c4569b8c254c8884e2e794af12ef | Triage

Sharing

General

Target

5b4e101942d6c2da67d7f22a3c21dd248a62c4569b8c254c8884e2e794af12ef
Size

3KB
MD5

f564779cf4133f515b6e5a9c4671c8ff
SHA1

8282f963d5a20df843a27d9cb53de005e22baf87
SHA256

5b4e101942d6c2da67d7f22a3c21dd248a62c4569b8c254c8884e2e794af12ef
SHA512

6e0f1f620fbb52e7f44adbc44fa2fd22fb9b1f18586596e74e4bec26749c9c9844cabd24560da2b3c6fb4ceed5d7e611e89853a58b701b71633849ab4d98731d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b4e101942d6c2da67d7f22a3c21dd248a62c4569b8c254c8884e2e794af12ef

Files

5b4e101942d6c2da67d7f22a3c21dd248a62c4569b8c254c8884e2e794af12ef
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ