ECNO-E[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ECNO-E.exe
Size

203KB
MD5

800ad6fac565af5c7c4fcc3efd73ef2a
SHA1

e0ad27e2102fd9ffbf2f4cf646ad8baa8e7ba5af
SHA256

59cb8ed401755a28df315041226ed5b8b2f5affedd4a54a0fdc96221082a2d11
SHA512

5bd66d1d1247d68b863d6647ee00255ddd6ff98dd3a90e74aac6a5bf368104e7489f6deaac5f24828a3397097eea9543c4c6b87a376e369159d7cff8a769ea3c
SSDEEP

3072:SI0nPvatfJ7MGVFUaD9i6RAQqf5aMXT5m67RpexEzJ/G6M4kfj6n+RHcHre:SKt57F5TA53XTE47exEzJKjRROr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ECNO-E.exe

Files

ECNO-E.exe
.exe windows:4 windows x64 arch:x64

b4c6fff030479aa3b12625be67bf4914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.llxu
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE