Foundation[.]Common[.]Rpc[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Foundation.Common.Rpc.dll
Size

157KB
MD5

c4943dc7ad023842f05598012580edff
SHA1

1c8cd740574a495d72bf2e1ea0377547a505f9dc
SHA256

00eedc52dcb2724a5a4b8b0f7c8f4b3d113561420cdc24716c2bc1f05e9f12d9
SHA512

a4f2916ca49cdf14b3a50d15e306f7047faa6afb1ff48748b67f1539cfa8bba45da9aeb39bf3b7900fb1b0dd12e20990de6ea53ec6f40bfb2c04d6a38658714e
SSDEEP

3072:NAIRq1ZPbGV+3Da+IEQySsZmXsw2xAybbte2oAILO06:GIGPCV+3D1QySs0cgybk2HILO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Foundation.Common.Rpc.dll

Files

Foundation.Common.Rpc.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

L-dRTxw
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NUL
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ