gurcu | Evolion Launcher[.]exe | Triage

Sharing

General

Target

Evolion Launcher.exe
Size

1.4MB
MD5

ebdda35a64fdd77737a3ec887c3c63b9
SHA1

22bed885d16c61ee24a42a704ec1b1174dc1eccb
SHA256

e85101062f748f61e87f91bac8abcaa11b5754fb364b8e99cc67b9e7f0283edc
SHA512

e3cf15ede970349d1f35f3334c4d2bf4c6bf2c9664a704405b22a7f315637942bba64dacff86875343f294891033295666421791b43ff371035ca24d3dbebb0e
SSDEEP

24576:hYVeGFNjhp+qJBzrYW9pivo5gG3xIFzADL78rFtNxm1R+H2AkfhwXlCt:hElNf+qn/9pLV8zi7qFHxmn+tia

Score

10^/10

gurcu

Malware Config

Signatures

Gurcu family
gurcu

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Evolion Launcher.exe

Files

Evolion Launcher.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ