2024-04-20_de92b6a49515b0d47167fc02c66c7404_espilon-red | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-20_de92b6a49515b0d47167fc02c66c7404_espilon-red
Size

4.8MB
MD5

de92b6a49515b0d47167fc02c66c7404
SHA1

09f3a98f8f86de888709a142c4690fbe18396a8c
SHA256

c1ad598dbe9d921fd3fded870f98dc4434e107b0be5ad41078fbbc3102a950b9
SHA512

228fb1fedb816c0b85d3c566058b43fdb7fb55640bf20060a5fd8929e2999783d6a64fb9fd310a7722d0c4fcb55a810882af5d0453268da7322e92f4d8904c95
SSDEEP

49152:puZNJnJcA09YDPnyJwlZRdorKfwJheo39IilkLnzXcp/Ko/8UoZm+u7kvCChTiz2:aJnR09YDEwTRS1QQ+TcpZrICCid+DR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-20_de92b6a49515b0d47167fc02c66c7404_espilon-red

Files

2024-04-20_de92b6a49515b0d47167fc02c66c7404_espilon-red
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 18.0MB - Virtual size: 18.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17.2MB - Virtual size: 17.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 617KB - Virtual size: 1002KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ