Ls_ERP[.]exe | Triage

Sharing

General

Target

Ls_ERP.exe
Size

1.0MB
MD5

65fd0eff2f518f0e2b90e56945429c86
SHA1

ac31b8b27b7c3440ddf2dcc0a4b1123758e519fb
SHA256

a8496011aabe186abba504873a14c1d0290d2e6f9fa83cd1f0fc6b7d01ea88de
SHA512

258075da6be867be1ab5a206f1e061fdb7344b4f0373f79ea19dfa840877d9ffb487fd6f8838a5356e903d7c1d8b21576c755715e211352e806c4b83985bb158
SSDEEP

6144:kNTxgtGXt/nzswWtSEh+i+i+i+i+j+y+i+spLcnHOEIelrBnHmDRHeOUexhFPJKf:CTGQ9/nzaSNLWOGlrBGR+b6j6FnOU/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ls_ERP.exe

Files

Ls_ERP.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 992KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ