litehttp | 45b563e43851d80182a05da5a1cff0657c75dfba3bf70803f0cf7fbe99f2c06b[.]dll | Triage

Sharing

General

Target

45b563e43851d80182a05da5a1cff0657c75dfba3bf70803f0cf7fbe99f2c06b.dll
Size

36KB
MD5

61db25bca695a1c99c91513dd0641660
SHA1

99863a4ac66d1556b8e54e6e95a96af4b4f450e8
SHA256

45b563e43851d80182a05da5a1cff0657c75dfba3bf70803f0cf7fbe99f2c06b
SHA512

dca2cfe9d7a65876136b2f6bb793eb3e1cc9e2736563f7d2e21c4dde28be4c7e9a0bd77704805a4e94b7930c7846ffcfe2a50ebc2c64620e9ece608f25e52323
SSDEEP

768:EYZiyYcpbEzlwF2g9ap4nLBFvpzbHyV6N55IHFKSu87W78aETvqtnqUHvBrLXvb4:EYZEcKzlwb9u4nLbvpzLy0N55IHFKSuc

Score

10^/10

litehttp

Malware Config

Extracted

Family

litehttp

Version

v1.0.9

C2

http://185.208.156.162/page.php

Attributes

key
v1d6kd29g85cm8jp4pv8tvflvg303gbl

Signatures

Litehttp family
litehttp

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b563e43851d80182a05da5a1cff0657c75dfba3bf70803f0cf7fbe99f2c06b.dll

Files

45b563e43851d80182a05da5a1cff0657c75dfba3bf70803f0cf7fbe99f2c06b.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Badus\OneDrive\Desktop\Bot1.0.9\Bot\LiteHTTP\obj\x86\Debug\Anubis.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ