0f2923a540a75172e7aab2aeb95f2183a365bcc6cb132bfd6235e8a1964f9904 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f2923a540a75172e7aab2aeb95f2183a365bcc6cb132bfd6235e8a1964f9904
Size

3KB
MD5

54abdf3c006c0058f127c7111d8a6191
SHA1

4cbc2fc9aecb7c32d0d01c9b9a40c6f8ca24a9f5
SHA256

0f2923a540a75172e7aab2aeb95f2183a365bcc6cb132bfd6235e8a1964f9904
SHA512

c3adb5e67ab388c7c4aa6c21cf8aa0c7eabdd4a0270b55851e7c4aa6b7ebe5ec4e207446d60695742f18bd40e6ab66459a433c3a62ed680cc362b078f7761dc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f2923a540a75172e7aab2aeb95f2183a365bcc6cb132bfd6235e8a1964f9904

Files

0f2923a540a75172e7aab2aeb95f2183a365bcc6cb132bfd6235e8a1964f9904
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ