a01349f9bff5ab3130d371b62f7d7aea93cb4b9d6945875067e85d85b68748fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a01349f9bff5ab3130d371b62f7d7aea93cb4b9d6945875067e85d85b68748fa
Size

3KB
MD5

f4ca87a75a404e9aa7d21fbe524b77cb
SHA1

08b752cb6dfa76159489e2d3de8c1f61c8436ac3
SHA256

a01349f9bff5ab3130d371b62f7d7aea93cb4b9d6945875067e85d85b68748fa
SHA512

684a76b7c3a1e0bf780af4d96941d6fc4b617ae42c1452ee0137ba29937b21b5a6f7696572a8cfe4e4af66155a335616745fbdb0600e2f6da042110b0d58d5ee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a01349f9bff5ab3130d371b62f7d7aea93cb4b9d6945875067e85d85b68748fa

Files

a01349f9bff5ab3130d371b62f7d7aea93cb4b9d6945875067e85d85b68748fa
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ