General

  • Target

    595a0e25fbeb1ee5f3cb649639fd345e0cd0b777a51ff60562151ffc07aa5de9

  • Size

    820KB

  • MD5

    666812baf8e775a44dc4b05c5b26c00b

  • SHA1

    02c46ff04b7e4fad87eb9971fc6b54116230449e

  • SHA256

    595a0e25fbeb1ee5f3cb649639fd345e0cd0b777a51ff60562151ffc07aa5de9

  • SHA512

    9520cacffd21c48def31e1a71579426d5d6b7ed9182b1ae02a5a6a8d5248fa7cdb17ef8385e2bbc71ce524653d419a39cef5ceb6e91733c095ff8374a79c9c58

  • SSDEEP

    24576:B+maEPSxjuSf/KcDXjB3uh+6NdMyB7jCHPNAYgiSm4Pvy:UEPS8SXKcp3uhVNdMyB7jYlAYgiSm4P6

Score
10/10

Malware Config

Signatures

  • CoreEntity .NET Packer (1 IoC)

    CoreEntity is a .NET packer that embeds the payload as a Bitmap object, which is later decrypted.

Files

  • 595a0e25fbeb1ee5f3cb649639fd345e0cd0b777a51ff60562151ffc07aa5de9
    .zip
  • FYI.img.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

