LeoneDumper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LeoneDumper.exe
Size

243KB
MD5

bdc10a25a6aa1659456ecbc0b12b3427
SHA1

29d583f70c6f235ab11dddf6579ede30b8e41220
SHA256

e1865bd7ad831174373067572dff0aff92caadf410cce11020444185474b2b4a
SHA512

859bb4cf5f934e6556cff257135f67938e23c12b07da4c320f27a035df0707f2bd23c9d7b838f9dfca743bbfa507e768e61363bb0050d299baf42215cca4b3f2
SSDEEP

6144:xBnKyjWo7gB8eOCJG3FGJljXdQprzvEXaAMw0YYaZB6gkipk3mmw0OKggLj:LKsWR8FCw3wjXdQpv6aAMpQZtxTSg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LeoneDumper.exe

Files

LeoneDumper.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ