e1f145651db108d1040ee3adcf54a5db6f8cdcf8bfce278ca41f6362891b06f0 | Triage

Sharing

General

Target

e1f145651db108d1040ee3adcf54a5db6f8cdcf8bfce278ca41f6362891b06f0
Size

3KB
MD5

fd564b23bc343e3b56aaff2b5d75c6bb
SHA1

d93de4af4b0cb7d4286d5bc6890d0c7840bb33b2
SHA256

e1f145651db108d1040ee3adcf54a5db6f8cdcf8bfce278ca41f6362891b06f0
SHA512

4b599d3e2920547b2b20d4e7b050714987d53eae98546c1f5fdaade52496e3cfbc08c9f4ac9295a5eb6604152185223782ff86d3c885438e09f9bb5e62faceb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f145651db108d1040ee3adcf54a5db6f8cdcf8bfce278ca41f6362891b06f0

Files

e1f145651db108d1040ee3adcf54a5db6f8cdcf8bfce278ca41f6362891b06f0
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ