d[.]dll_download[.]zip | Triage

Sharing

General

Target

d.dll_download.zip
Size

4KB
MD5

d041997440d492c528bbab0f6fa6f40d
SHA1

0fdbd369b829d231190734f6ec72ac684aca8fe5
SHA256

91248a3cd8be7b9646e3970ca9bc48bfd9ac74e38c02cc9703b3efd170330f9c
SHA512

a71af453046e5aff84d344a75ad4d5f2b52303d95c980a9f7e065ee181a9d65885c62b85b6f2a9d17e0a4f13722dc0866f7cb0984f63980eab15d887c34a0fe6
SSDEEP

96:mM9ED2YYGzzH4kwPYKZ2b7ONv99spoKOsOKbS21U+XaaJ:BqXzHaPYKZ2b7ALspoKO0bN19RJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/download.exe

Files

d.dll_download.zip
.zip

Password: infected
download.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\source\repos\d\d\obj\Release\d.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ