4d6937394b05129af0d783052b185ff8d52a2e6ecf2e12513af2d2cea5f4e123 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d6937394b05129af0d783052b185ff8d52a2e6ecf2e12513af2d2cea5f4e123
Size

2.7MB
MD5

52b4d413650063a65a2678284337c22b
SHA1

dee7ad28810b25a7f92b044b98ef032ad86d37f5
SHA256

4d6937394b05129af0d783052b185ff8d52a2e6ecf2e12513af2d2cea5f4e123
SHA512

6388e929821d4feb7979f0b4b468d5a908ae62e14c363f84d6b2709078396f004c3ca5622bface4499af627ec8669b46b3649450e72776b20858436f1d0dd3f4
SSDEEP

24576:8/Kp3hvsXlFhoVfzKeroT70mtcEjYgSHWzZY9cBABr2eqJkcvJW2Y3mQTkHw1ENV:A8aXlFhS9o/KcvJW2Y3mQTkHw1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d6937394b05129af0d783052b185ff8d52a2e6ecf2e12513af2d2cea5f4e123

Files

4d6937394b05129af0d783052b185ff8d52a2e6ecf2e12513af2d2cea5f4e123
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\Projects\Publish\AnyTrans\AnyTrans64\iOS9iCloud\obj\Debug\iOS9iCloud.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ