2024-04-28_857fcf091190f086949785e09419b780_espilon-red | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-28_857fcf091190f086949785e09419b780_espilon-red
Size

4.8MB
MD5

857fcf091190f086949785e09419b780
SHA1

79be9b86481adecd51db21141fe77fa661c2ee5e
SHA256

7e29d39e0ff88c541c2bbc6a9f5b1882d51a60b83422e77db5ff0ede9e5e1a56
SHA512

84c1954001377bda9c20bce8d32fcbca0dc4d0b9f94a6909d65149d8ffa0f1eebed811a6a80af7565484c1f3b2848ade99da8edbb5d2059a65202eb17c40a9b4
SSDEEP

49152:eqvyqkLL8CnN+FuYjnHIxqOcG8WHcYoT2s6VhpwSXhJvTFm3t7VUaBYqlW3xj/RQ:jkLQCkFFjnHIxVRNoTr4NhJQoamSOc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-28_857fcf091190f086949785e09419b780_espilon-red

Files

2024-04-28_857fcf091190f086949785e09419b780_espilon-red
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 23.3MB - Virtual size: 23.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20.5MB - Virtual size: 20.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 851KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 902KB - Virtual size: 901KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ