ESP9103Y8I2[.]exe | Triage

Sharing

General

Target

ESP9103Y8I2.exe
Size

758KB
MD5

18b27a90eab7b1dbc290e0dd0033dbd6
SHA1

af7087f5dc0e72f15567e79f7cbb56fdcc347272
SHA256

5d7d1ac4ea18ac47a6a78b81e3bf144aa1dfaf693239239c7a8521b800d810f4
SHA512

9300b58349c4c4355508bbab846a16cf1038666978b49ee99cc8bd1ddc6178c7c6f5f0d787632c02e53944820699160988b7d0050f99d5b6ccde78e1498bc65f
SSDEEP

12288:4SX9KLxnYblqPQRGnpxcYi8KtZjrOQ5gndJGdC3LRqsD:4St+xpPQRMmjLMNI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ESP9103Y8I2.exe

Files

ESP9103Y8I2.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ