ElitePublic[.]exe | Triage

Sharing

General

Target

ElitePublic.exe
Size

539KB
MD5

df1bd6152402275a0ccaeae8364855dd
SHA1

8cb5ec11c57f12dbe89647a1142059f6a26cd014
SHA256

e84fb2e2f6d7260ecf6b6bfe7ed7681a1da1e57c0594a7ea0f23b0fcad7d70c1
SHA512

a5e32267240e10d221b27c64601f853591329a2e516f56e9bf764e1f99fe0b0907f283bb1fcd305131ad422acce4146d4a60afdd715669ca11d9d249673539a2
SSDEEP

12288:3MqW+nA+LKh6NxmtpKSWt9q5q+uQUi/BHUixTL28UfQpLK:3MqWwA+28ytpKxt45qxQciIjUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ElitePublic.exe

Files

ElitePublic.exe
.exe windows x64

0609baeb0d8fb520913c4a929c0297a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleHandleA

advapi32

RegQueryValueA

user32

MessageBoxW

shell32

SHGetIconOverlayIndexA

Sections

Size: - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE