EDreg[.]exe[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EDreg.exe.bin
Size

300.0MB
MD5

71ef0030ac787e3f1783534898009592
SHA1

46230fb1eca7e15f38dd340996aefcee05a19b50
SHA256

b1cc036478a9eb4dcbbed6a68abd3a4c2a8eea593e729cde5fcf3c668bedd0df
SHA512

ca3464cc347b5525bbede11ffd7c3c8a48c7d22ce66c716c0d51b488d619715210eebe9a5641d84756f5c572b8de0a60aa25a60f899ff396c34634bc2d9a3d08
SSDEEP

12288:S8SnG5jbNCUZLHVaaj7uTPUn0S6M8RLO4VsypU:SjnG5lCEGTBM8RLTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EDreg.exe.bin

Files

EDreg.exe.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ