Redeem[.]exe | Triage

Resubmissions

12/06/2024, 16:26

240612-txs6fs1fpg 10

12/06/2024, 16:21

240612-ttwgeavfpm 10

12/06/2024, 16:18

240612-trz2tavfkp 10

Sharing

Copy URL

Twitter E-mail

General

Target

Redeem.exe
Size

2.5MB
MD5

f0fc856a36ee8975bbdbf3d77469ab92
SHA1

5b6d2a6b2656c25e7e090fec7dd5fd3b396d09f3
SHA256

7e00dbd6e561675e138585b2ed5e1ec64d497f79014df407ecc4feabd7427804
SHA512

5edb43754adc05689946ee46395449e26438986b263fedeefac774ed892b840a6eda4bfeaffc7e07c21af946e717398686d955179a42d3103e98001c6e0b3d7f
SSDEEP

49152:XYc5pRehyfOfbIfAzqSoS4FsFHuh4yCmat8hGjS3HZo3h:XYgkbjzqSJ4F+y4MaSwWHi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Redeem.exe

Files

Redeem.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

E}AAVSC
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

E}AAVSC
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

OhhhhBOu
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Code Enc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Xerin
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

E}AAVSC Size: 192KB - Virtual size: 191KB

E}AAVSC Size: 192KB - Virtual size: 191KB

.text Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 178KB - Virtual size: 177KB

OhhhhBOu Size: 512B - Virtual size: 10B

Code Enc Size: 512B - Virtual size: 16B

.Xerin Size: 512B - Virtual size: 141B

.reloc Size: 512B - Virtual size: 12B

E}AAVSC
Size: 192KB - Virtual size: 191KB

E}AAVSC
Size: 192KB - Virtual size: 191KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 178KB - Virtual size: 177KB

OhhhhBOu
Size: 512B - Virtual size: 10B

Code Enc
Size: 512B - Virtual size: 16B

.Xerin
Size: 512B - Virtual size: 141B

.reloc
Size: 512B - Virtual size: 12B