E3CB48E5A91062C073844676D319598CED84650B3F8A0[.]exe | Triage

Sharing

General

Target

E3CB48E5A91062C073844676D319598CED84650B3F8A0.exe
Size

1.2MB
MD5

e4576428559dffa406a75750f9231e6a
SHA1

ee121603f8ecf9276965e1b6647d162115e3a900
SHA256

c0eecd5929af6ca7e634a3dee7d6fe9cfc459b195736a8ef049684d2dc28774f
SHA512

365e7c30eeb4ccbc785c7d3b96b9f3a44e05451438302edd6a87be76acd9d3ceb1c924c2b60ec8cc854c3d62eb7e98c3650a80d4dfca964d8699337a109b7824
SSDEEP

12288:9M8la9HGJxgfph4fzf3ZahcJx4ce9Ct+1LZDISZA:9y9HGofH4fzf3Zac0ce9lbcCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
E3CB48E5A91062C073844676D319598CED84650B3F8A0.exe

Files

E3CB48E5A91062C073844676D319598CED84650B3F8A0.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ