Netware[.]dll | Triage

Resubmissions

01-07-2024 05:38

240701-gbqf8axend 3

Sharing

General

Target

Netware.dll
Size

769KB
MD5

3dcd4dc74bb10e2636553327f35e01fc
SHA1

320f596811d5d20b6cf3370bda115c2de073ddc5
SHA256

addd9962dd7c9dd836ea77d1d84660b3d97462de0fe026b3941e9e5e5886367d
SHA512

802110f1b9db1543735aaf63386e66c12c89a203ef3ae1fd5d380168632d8b8b0e36983e451e8f5f1eb20377acb6bb7596061d357649787d95c7a105e28a0c0c
SSDEEP

12288:urvv14hBiKr7he4JLYXYGYpw2Jn/CdEjCbSXc:urvv1+hPYWlM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Netware.dll

Files

Netware.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ