6a511a9b6149dafffdcd02cc394486523ca03959194283791427cefe83ba510f | Triage

Sharing

General

Target

6a511a9b6149dafffdcd02cc394486523ca03959194283791427cefe83ba510f
Size

52KB
MD5

33c4c15195ee3338c7623f8f8783d5f2
SHA1

dddc007061f947ca8966d9f98546f26a01f33a30
SHA256

6a511a9b6149dafffdcd02cc394486523ca03959194283791427cefe83ba510f
SHA512

209c6574df6b49edc2903992991466358d277ac6998634dd58580023d49039c3583d3e60f4425a9bec91f94de3edc182c6414d73e9dcfa6e2973f2ad600d6498
SSDEEP

768:PrD5PmHvhbEIxDffJW+UaU1ruFzzkQPk:jD5PmPhA+jhW+7P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a511a9b6149dafffdcd02cc394486523ca03959194283791427cefe83ba510f

Files

6a511a9b6149dafffdcd02cc394486523ca03959194283791427cefe83ba510f
.dll windows:4 windows x64 arch:x64

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\BuildAgent1\work\daba42d1fffcc3d1\obj\r64\Sim.WorkflowLicensing\Slb.Petrel.Sim.WorkflowLicensing.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ