21b08a5cfc3b3e99b38d49f2f8f49a32f2a59cd3c658e35e9f68f440066b9b68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21b08a5cfc3b3e99b38d49f2f8f49a32f2a59cd3c658e35e9f68f440066b9b68
Size

31KB
MD5

c756fd3d3275e1b5bc0f2b2fd3beb142
SHA1

6d8dcd4d71528b9354bb917229bf9d67c86063c3
SHA256

21b08a5cfc3b3e99b38d49f2f8f49a32f2a59cd3c658e35e9f68f440066b9b68
SHA512

ae396126e50cc4ca0a002f2b282533b4e495c5fbdb746346ade0c269765c0ea3a0c9f6e6bdf19481397c818ee5e42662b470332d75867583b94ba82b81192b80
SSDEEP

384:HcInkssy0xXX1JqWqNVs14qKRBqNmJQdiQrLqzqcp9JMZgRZtgQq0BNOmFUqFfmx:8bDT4XNfy8yYDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21b08a5cfc3b3e99b38d49f2f8f49a32f2a59cd3c658e35e9f68f440066b9b68

Files

21b08a5cfc3b3e99b38d49f2f8f49a32f2a59cd3c658e35e9f68f440066b9b68
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TC_WorkDir\6b1805b0075b1697\ApplicationServer\PRMRegistration\obj\Release\PRMRegistration.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ