613170731f7934242fc4f45989580ab51be5ce16292c82eda430ca86ed7967cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

613170731f7934242fc4f45989580ab51be5ce16292c82eda430ca86ed7967cb
Size

543KB
MD5

a2a43157597791ad5f21f61ede50bb44
SHA1

7973e011b05b287dd6e935f646ced860cc337456
SHA256

613170731f7934242fc4f45989580ab51be5ce16292c82eda430ca86ed7967cb
SHA512

f3fe6486ee5125ec93ecf9d4a6794a5851f42e05142a2f673792bd04090bfe79543a3e25df2063fa835e988099a170998abd2434ee81c3e8aa7632a288bb9281
SSDEEP

12288:9tv4saDyPrsqPg6SyFJ1Jd/ltpf5OCG2/iFM6FKh1NFbe5E7Fji+Xe8MtqqSjatJ:H4saDWsgg6SyFZdNfX/A9FKh1NFbe5EI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
613170731f7934242fc4f45989580ab51be5ce16292c82eda430ca86ed7967cb

Files

613170731f7934242fc4f45989580ab51be5ce16292c82eda430ca86ed7967cb
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\kakao\work\Source\LEGO_AAW\LEGO.App.Launcher.InstallDirectX\obj\x86\Release\LEGO.App.Launcher.InstallDirectX.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

./L|
Size: - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.-Gn
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.+ D
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ