bd640c0f617c88753e3e94cf34076a5165cc8d5fffe3fd479300f5708e367199 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd640c0f617c88753e3e94cf34076a5165cc8d5fffe3fd479300f5708e367199
Size

3KB
MD5

6dc2599d78d3ac3d0cd0106518bdb690
SHA1

2a60769a78a9b3db3924e1a1a24ed72bce5f750b
SHA256

bd640c0f617c88753e3e94cf34076a5165cc8d5fffe3fd479300f5708e367199
SHA512

5596d4b7b4c2fe972b967a92244fdefa5023a691dfe5d37b628967ad222142aeb07cb847996db44fc19adb88acd48f8238e5567d8a1000611dc7603f6c065bb8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd640c0f617c88753e3e94cf34076a5165cc8d5fffe3fd479300f5708e367199

Files

bd640c0f617c88753e3e94cf34076a5165cc8d5fffe3fd479300f5708e367199
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ