be20aa8dc9199f7303624ec6e6d48c0ad48821f0d28e2295cc2c98ebbe93cb49N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be20aa8dc9199f7303624ec6e6d48c0ad48821f0d28e2295cc2c98ebbe93cb49N
Size

3KB
MD5

d6d57bc306297b3d2f544d893aee8060
SHA1

7fba9c380b7f06b963223cbe3758f103bcc6781f
SHA256

be20aa8dc9199f7303624ec6e6d48c0ad48821f0d28e2295cc2c98ebbe93cb49
SHA512

25b2f9de0bd571a08f50796a449803f70e3c7633cced213240d2f537a56272d78cad0b4498762a6c8db1f282cf11e9df7a9b7da6f130e69feb022f84b8baa8e8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be20aa8dc9199f7303624ec6e6d48c0ad48821f0d28e2295cc2c98ebbe93cb49N

Files

be20aa8dc9199f7303624ec6e6d48c0ad48821f0d28e2295cc2c98ebbe93cb49N
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ