Client[.]Regasm[.]exe | Triage

Sharing

General

Target

Client.Regasm.exe
Size

346KB
MD5

319c4a7164ce3bc7d6661e8c7f384e09
SHA1

ba9a37960a3701f3fd13c9ac06cc3195bdb172c8
SHA256

642f1ac50635bdb5d702cf00eed383c82557d7dd36d278f11a76c173c48ec327
SHA512

4e69f1c46f09c52881c4e120b892b1dd260ac5f4187d1879ade72647b2a726aa7e07006da7ae226349e5ddc7a859ba8a2cea0b97411397688096e27d0dec3ca1
SSDEEP

6144:xkJ6LoS2DjwfSsuQP4jnUnOS4FAm5hypt+4cAZ8ANFG2aX9a/rnX5JR49+1jHRt/:xkooS2ofSKSnUnXhStAZ8ANFG9Upn49i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Client.Regasm.exe

Files

Client.Regasm.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

Z"/hB%
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ