BTD6Rogue[.]dll | Triage

Sharing

General

Target

BTD6Rogue.dll
Size

584KB
MD5

39deaeb8124147c7e52604caca6baf8a
SHA1

88773b6cfb7eb2fe0e72844ccd169229f389e0ab
SHA256

5489b476821333fcf787e985fb1db7f41f859ac8edea22f46fa7f9114aafd110
SHA512

fbb6d67302322ac0d48bd3445730dcda2f1e0888410deb156c2cd30ce38df588c6b55239de7bcb939488ff1d1621324853432a085a2c5121ad375cce5bf173a2
SSDEEP

12288:rC58qeXoAIhmPnDIyel7qRrUq4YRuD0AVuVMdM8us8/TYZJ:rCOqeNIYPn4BqRrUqFCUV4MT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BTD6Rogue.dll

Files

BTD6Rogue.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BTD6Rogue.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 582KB - Virtual size: 582KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ