ET_ERP[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ET_ERP.exe
Size

5.9MB
MD5

fce67303cb1537f6c2a982f69c72fa1a
SHA1

fc249c31d98b86dc8ff4ae30c7a842f5b8bf3abe
SHA256

92c2e19b7c82920ee4a64362280f92b98100133cba503ff08753411b6093c06c
SHA512

c3919d7c3bee83661c8f2e291939efaa58de42fd1ee54154f4aa0f606a3fb7385b0edfad305e0c8c1da0b70327db6cf680593fa946edfd67540d4f0c2a4bdfd7
SSDEEP

49152:QErHfH8QOFceibqRtm58/W50uzwC0DR9QQgrV/CpsIt0O7VbGHVXn6uTZYrDg16g:95OcEj40uzF0DRFU/WBt0O6VX6uT7Br

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ET_ERP.exe

Files

ET_ERP.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ