6654696b66795fddaf5b2cc13e103ccfe0929d663cbbcd3f9e54de7d3b7098eeN | Triage

Sharing

General

Target

6654696b66795fddaf5b2cc13e103ccfe0929d663cbbcd3f9e54de7d3b7098eeN
Size

54KB
MD5

ef1e52a8eedea7d67f9feb1f86bf1090
SHA1

bd7347ed1f39dea9c2f6a192475844f65980796c
SHA256

6654696b66795fddaf5b2cc13e103ccfe0929d663cbbcd3f9e54de7d3b7098ee
SHA512

4961dc6125ccc4ae8af30e9075b27e0b3c65dcbedce777d9b9f4b754fd10e0af84ef5cb41eb5559ee230ec10e6a45990b434acefc1c58bd35f55fcfb97f771b7
SSDEEP

1536:jz9gIe1wSV1FSIjs4cjo80CO0vybMDHCWU5QWw:jCIe1wSVbSIjs4cL0CqtWU5QWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6654696b66795fddaf5b2cc13e103ccfe0929d663cbbcd3f9e54de7d3b7098eeN

Files

6654696b66795fddaf5b2cc13e103ccfe0929d663cbbcd3f9e54de7d3b7098eeN
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Jenkins\workspace\master_ws\software\Services\CoreLaserService\Client\obj\x64\Release\net48\Virtek.Services.CoreLaserService.Client.pdb

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ