SecuriteInfo[.]com[.]W32[.]Xpack[.]E[.]gen[.]Eldorado[.]6792[.]20764[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.6792.20764.exe
Size

232KB
MD5

4cf5e0e5d9644f0b7a9245be70bb7d46
SHA1

8e7da1406dba892c1c684ff414c154b76c2c3038
SHA256

787c40dd23ba81c4f7ade432888a8239fa835154da8eea8e5a066d2aefbef228
SHA512

10f4b224d1b5f525dc6fed38b3d42b6a463478f17e451eed4bc03822a38642a3d9a3acc82247ef5a23d740805c51bbe00a724fe4439366e1d1dea7285bfac607
SSDEEP

3072:qmxmelC57FPlwHb5B5t969f7pWZkA7UuLNO+AlPz6itD:TC565B5t9692kcNO+ez6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.6792.20764.exe

Files

SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.6792.20764.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ