exoodo[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

exoodo.exe
Size

40KB
MD5

fbec60f73c28c0129fb0a9558917caeb
SHA1

8836ddb2b0de6131aab8f7ee25d06e67ff82c97b
SHA256

24dbe4c1de261f7b4606d75416c4f12f50e369a8080741c7c4e6d15f4cb13db7
SHA512

1d2d71a54b735b33bde4a5c8d2c2938ea8d6064c0a0be3c1dd41868f2367b8ec44fd5beaf25e6d2fa1335d6a81e116c6b2ad02911a7b35da09365dabf72c6d49
SSDEEP

384:q2G5E1JIC7nYRgqIW7q6ysKCox5Oe6C+VAiivHZ23CKEBtQbRoQkN:3aiimHQVoQkN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
exoodo.exe

Files

exoodo.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ