2a294be4a76df0b00a970fb6dda21a9f0651cdf9c5313fb8b66504a38b8e5b91 | Triage

Sharing

General

Target

2a294be4a76df0b00a970fb6dda21a9f0651cdf9c5313fb8b66504a38b8e5b91
Size

1008KB
MD5

3bf77108a14984dddb2a07f7942f97f1
SHA1

3e25b5f2ebb0523c07e6cfe441585a13ebf18f01
SHA256

2a294be4a76df0b00a970fb6dda21a9f0651cdf9c5313fb8b66504a38b8e5b91
SHA512

bdb5c2f4a214585f404b390e162f84407f776843229b04157f83138a61a5f8bc6c5a8999987f92ed7a25c00f99a91c2bbfb2512557c2e3cf87c3c6fdfe351e42
SSDEEP

12288:X60FhFoFmF8cjcsc4FEFbFgcbFmFiF6FhFuFBFuFDFHFtFVFjFfcyFzFaFoF6FcW:5RkiNq1CFniv1noUkudi+e2J+87Gp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a294be4a76df0b00a970fb6dda21a9f0651cdf9c5313fb8b66504a38b8e5b91

Files

2a294be4a76df0b00a970fb6dda21a9f0651cdf9c5313fb8b66504a38b8e5b91
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Data.SqlClient/netcoreapp2.1-Windows_NT-Release/System.Data.SqlClient.pdb

Sections

.text
Size: 996KB - Virtual size: 995KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ