CustomCosmetics[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CustomCosmetics.dll
Size

52KB
MD5

a3a5b8e67af555b1a71e93487c81274b
SHA1

25fb029af168e1edd56d154a419565db9a8b6137
SHA256

3bd4418b145e3b5b16501003b58ba60672bef27fe0082c210bc71ede85501b77
SHA512

aeb8c0c38cee47300085b3fe365eaf22c96ebc8c4c4158d1c80ba5113b48622ea2cb64a3d7e30cef3acb3ca3b64045f573dee22c4535d14ce21fa9c73d685e38
SSDEEP

1536:ZJFfinNbpI8q/xFFNTT1bxZCSgkgW8+9wgmnfgXkrLwbfXHpejy2kdHJ0h3by0Bz:Vfi5NqJnOSgkgW8+9BmnfwKLwbvJ4hII

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CustomCosmetics.dll

Files

CustomCosmetics.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\GithubRepos\CustomCosmetics\obj\Debug\netstandard2.1\CustomCosmetics.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ