NeoModLoader[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NeoModLoader.dll
Size

18.3MB
MD5

01b2551ed80e9b231effd541f031bf14
SHA1

c29fcbba96d2103cef21c608bfb14e3f86faa9ec
SHA256

a34b8341507011c4fa74b94dfbc75d3ecd517761eb1961a3ec2b4569c5ef1f50
SHA512

1a36ea4ba58d8de48737204a339e032558882555753908ae308a44a90340215a140b0365e81cf0c38317668b8fa6c91797fb4f62fb9124b0e87c5f3583d94ccb
SSDEEP

196608:NqiQEI8vbH+of/pNggN1Tygq30OmDaNHfe5d3XV++dxX:Rdt51gRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NeoModLoader.dll

Files

NeoModLoader.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\konni\RiderProjects\Modding\ModLoader\obj\Release\net48\NeoModLoader.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 18.3MB - Virtual size: 18.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ