7050fe070b9bdccb19b735dfb7f9cae0N[.]exe | Triage

Sharing

General

Target

7050fe070b9bdccb19b735dfb7f9cae0N.exe
Size

68KB
MD5

7050fe070b9bdccb19b735dfb7f9cae0
SHA1

63b758dc8c878dff9d1636ff8b41016b73f96caf
SHA256

bf4b175e604de3f3dba22b91eebe60db2658f38ec4e5fc7d0ac2318b9f1e59aa
SHA512

a68438664f761545c54644bb19cc84bcad97e127faa5e9f48c52e675e780cd6ba4a3ec99664a9b08af8255fbf76bbebfef49d5c8b33684bb570bc5b7f92520dd
SSDEEP

1536:RhH7uwQBzS77Z1PNCNo1e0F122wRLGSyOuWvGGaq:RJZQJSJ6CRF124Etv5aq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7050fe070b9bdccb19b735dfb7f9cae0N.exe

Files

7050fe070b9bdccb19b735dfb7f9cae0N.exe
.dll windows:6 windows x86 arch:x86

81160cfd4ac25c6cf4f64ca162041105

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e_dred10.pdb

Imports

msvcrt

_initterm
_amsg_exit
_adjust_fdiv
memcpy
_XcptFilter
memset
free
calloc
malloc
_CIpow
_CIsqrt
ceil
_CItanh

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
GetVersion
SetUnhandledExceptionFilter

Exports

Exports

DRVRedEye_AutoRemove
DRVRedEye_End
DRVRedEye_FreeDLL
DRVRedEye_InitializeJob
DRVRedEye_LoadDLL
DRVRedEye_SetImage
DRVRedEye_Start
DRVRedEye_TerminateJob

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ