eaglerat | Client[.]exe | Triage

Resubmissions

07/07/2023, 20:21

230707-y432fsbd47 10

07/07/2023, 20:19

230707-y379sabd35 10

Sharing

Copy URL Twitter E-mail

General

Target

Client.exe
Size

63KB
MD5

adf435a4abc697a22173c315e7adaaf8
SHA1

97a47df8d91844d8ba96277d53f305596eeb1bc1
SHA256

22a6d7c413c30d631ec993a1d52e29189ae1ed6b149f184e043af46fc842414e
SHA512

3646ca798f5ea29a99275872c45c29bfb5cc29df1a3cca430f16174f35fdf33f282adc39f40b57fc0dee63b86cc6206221fd32e55e600a8e7e2cd93a920f7c92
SSDEEP

1536:Ch3HaMmkefuYjsDAiENQVseNbIB27k/Y:C3GNjsD8YNOAX

Score

10^/10

eaglerat

Malware Config

Signatures

Eaglerat family
eaglerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Client.exe

Files

Client.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ