Static task
static1
General
-
Target
DefoMinecraftProlly.dll
-
Size
6.2MB
-
MD5
e132d63449019d0a60f0b7c0f4ee5cf1
-
SHA1
67fa7b62c421951c1f69c32858b8a659e2b3ffbc
-
SHA256
db87736636f95884a95713d7f5fa3884da85fda1ebf8fa5804e38c79977d55ca
-
SHA512
54ace2c47a68563d0c3e4f17479eb2117823875625f64e8df990c3f81ab156ba5e99a237c7d41e092214a03fb98c7313e563eb52fd2947cab9ab117bbbdb754a
-
SSDEEP
196608:3BBRHsB9IgHhhGCsM8ZfIUa1iZaBekzKZuRH:XqB9IgHhQbfIUaya1m
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource DefoMinecraftProlly.dll
Files
-
DefoMinecraftProlly.dll.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ