ExpressVPN[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

ExpressVPN.exe

windows7_x64

ExpressVPN.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ExpressVPN.exe

Resource

win7-20220414-en

redline 2 discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ExpressVPN.exe

Resource

win10v2004-20220414-en

redline 2 discovery infostealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

ExpressVPN.exe
Size

186KB
MD5

2620c49e134e1d07fbefe1d3700d72a5
SHA1

592f0a98c0143750393635bcf419736c1498f1c1
SHA256

7e9e6feb29bbd8c51fb07675a8083b2613ae20b5f121e49d1489432cf00d7a67
SHA512

dce4326cde61a37a1e65316cc1419089caa456d0b2f959585c1c982abd62f29031c37e6f86bcdca19a0c50fe4ab69ad2b6f73901c5c8fa38ef5703ab4169a265
SSDEEP

3072:TZaT+jVXmFnB6qogApYXOq8h6KC0MJlpMFDkvXzYcZAGWHW5wJW0/TDkjf8QKxnL:FpmFnB6qoEXOq8IKElpMFAfzYcZAGWHx

Score

N/A

Malware Config

Signatures

Files

ExpressVPN.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy