mebo[.]exe | Triage

Resubmissions

31/10/2023, 03:58

231031-ejj83aad86 10

31/10/2023, 03:51

231031-eej3hagd6z 10

Sharing

General

Target

mebo.exe
Size

2.3MB
MD5

f219499810760869c402b981669d96d6
SHA1

8acbf5aaa2386f1ace7912fdc82095ca519784a1
SHA256

6f3908c0709427f8c9b4ca56544a76638f30cc4ca7687b0086bb16149bef11b7
SHA512

e6b29ee15e2af05b3066cf346bf95fc9b2042bec2cbd64f5f83ed788a7d61e97487f602ecb6e988327b82bb64440c90a9d00b054d6c82ba4193b85e3f1223d9a
SSDEEP

49152:XfWjgYEitVwmzwGXvlBNH89kLZnT/kqXfd+/9A:X+bEszBfhBVnT/kqXf0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mebo.exe

Files

mebo.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ