b4aa8655df3b22dcfd6dbae68fdd597d26721e4037472a336346f1ea28cfa7f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4aa8655df3b22dcfd6dbae68fdd597d26721e4037472a336346f1ea28cfa7f9
Size

122KB
MD5

c45582d2bfc8a759e75f88439cf2c637
SHA1

abde11e07daf079c733e358027c4f645c4e9e792
SHA256

b4aa8655df3b22dcfd6dbae68fdd597d26721e4037472a336346f1ea28cfa7f9
SHA512

d252e6a197e0982ffb83a5bc6e3921ab24f633ecc2a024d3380bce13e6c927be78db249019acf84fadcb8874970017af62fc4e498543ba3f77876f682721e831
SSDEEP

1536:h4ez892Z+12ubRa9tVAFkbAsv/Hel/Iiq:hHQ92IfbeVbRHedIiq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4aa8655df3b22dcfd6dbae68fdd597d26721e4037472a336346f1ea28cfa7f9

Files

b4aa8655df3b22dcfd6dbae68fdd597d26721e4037472a336346f1ea28cfa7f9
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\azp\agent\_work\1\s\EMCloudClient\NetDocuments.EmCloud.AddIn.Dal\obj\Release\NetDocuments.ndMail.AddIn.Dal.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ