ForlornApi[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ForlornApi.dll
Size

8KB
MD5

fdafb3b2e079b7af966433782ac17ba3
SHA1

1fd0bb96e316115806840da5c98f7cd4870ff8d9
SHA256

cced43fcaf3b97bbad3784f8d6f996da6b644cee2bb52205150bcdc8dc121fcd
SHA512

2ec4f14d270eff3513e283d2ff43ea8a09871c44b6510b0336dd2de9c2e98dc44b872d5fa313745adfe10f22bf745a4ad39ba3a613bce29cd99a41aae774fdca
SSDEEP

192:SeDDoCSnbj6NeMftyjVNKv5AavLz0oMWoOVqn59:5o7j6Ne4QjVNKvNLkFOVk9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ForlornApi.dll

Files

ForlornApi.dll
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\capta\Downloads\ForlornApi\obj\Debug\net472\ForlornApi.pdb

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ