0de2631741d185b5b89cb16e05374f2f73147d2638b3b2bc72b948f65b3d1204 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0de2631741d185b5b89cb16e05374f2f73147d2638b3b2bc72b948f65b3d1204
Size

308KB
MD5

5219e6307c02a0694043daad88797295
SHA1

bde3f4feb93a5b037127b8a7e9689daa057cf299
SHA256

0de2631741d185b5b89cb16e05374f2f73147d2638b3b2bc72b948f65b3d1204
SHA512

3650eca8d35768757b2f64ceeace105cdbe621acb1b31c77c24f3db6b5137157a3f20dcfcff2932ec2e8ec44d2ecef5dcd777eb6dd8a4e9539aafb793c2cc3d1
SSDEEP

6144:5MDC/HR2/swIWElmgR7lTwnDJ6iKiWIMzJvUXWQY+0ugOQCA:pxlmmugOQCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0de2631741d185b5b89cb16e05374f2f73147d2638b3b2bc72b948f65b3d1204

Files

0de2631741d185b5b89cb16e05374f2f73147d2638b3b2bc72b948f65b3d1204
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\__w\1\s\src\sdk\Microsoft.Windows.Widgets.Providers.Projection\obj\x64\Release\net6.0-windows10.0.17763.0\Microsoft.Windows.Widgets.Projection.pdb

Sections

.text
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ