General
-
Target
RexonPAID.dll
-
Size
5.8MB
-
MD5
cf8077749fb5de60f8f9dca0fc0465c1
-
SHA1
4ae8c4cdb0bb91131b6e494cbf5a660047868f3b
-
SHA256
ab36ccf63227c11b16095372e98897b41ed50b80ea69004688a536d66e3f66f8
-
SHA512
83d0d0ff7174f16a194c7f1cbdc8b25394438419cdf20d758765b3d038df70c7b0e5c34a6027766bb69ad967742de78308ea0b93efe4fe591b60289b95f0a6b0
-
SSDEEP
98304:i7ImEvVQwZTL0vgRrXU6kM+DHOd4UsfY2nnSvqjUpSoJOElFP63EPGmSYaGA7WPa:i7ImEvVQwZTL0vgRrXU6kM+DHOd4Usft
Score
7/10
Malware Config
Signatures
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
RexonPAID.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections