bREM[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bREM.exe
Size

26KB
MD5

62ecc911ccf529ad1b3d497bc004b9d7
SHA1

194ea6120c6b5713fc84a0c9741e14a67b08f16d
SHA256

b3e19686293cee87b430eda57433ca7e990f3d75d0c311e1a96c75f01ffb23ae
SHA512

8e8a7b166bc74841d40fb9b3abad8c0225c2dcceb0120d9f060be35a88d6bcb95ec22c7bb2ba8149b50e7996c1395f7df29e8e37b117a024c4dacd56558d9593
SSDEEP

384:vLd6cufEYAA/XgWeyoHzCYe/iBY2OzRLTm3yilqr63+bqtVvGD:Dl8AA/6T5e/gsEVVvGD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bREM.exe

Files

bREM.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ