0501af1dfe5311b412de462bd1c347680258d84a827a4edda58b2ee54baec789N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0501af1dfe5311b412de462bd1c347680258d84a827a4edda58b2ee54baec789N
Size

326KB
MD5

2bfad6e141eaa49f54f6bb8ebc285340
SHA1

1b35767655b5f3ab336601d35e303b5c011c4f2a
SHA256

0501af1dfe5311b412de462bd1c347680258d84a827a4edda58b2ee54baec789
SHA512

cbf28fe52842b202090345f916add7a2559a64d7a8eedd1e0eb9c7330577446be4c607e51a91622069544c9c620b9957f4030ce6e56c20eff84b3c5deb7dc243
SSDEEP

6144:ByB5xmmkd7WK4BeSlWaUcIjS1+ViXR+Az:ByBrTU7J4BrCuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0501af1dfe5311b412de462bd1c347680258d84a827a4edda58b2ee54baec789N

Files

0501af1dfe5311b412de462bd1c347680258d84a827a4edda58b2ee54baec789N
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Microsoft.Toolkit.Uwp.Notifications/obj/Release/net5.0-windows10.0.17763.0/Microsoft.Toolkit.Uwp.Notifications.pdb

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ