Static task
static1
General
-
Target
Revera_Guard.exe
-
Size
64.8MB
-
MD5
23edd896d11b7a525078ee010a357f6d
-
SHA1
285e8ee1fe98fe84a2cb81ad69f1f8f6f31e18f7
-
SHA256
13d9717f3c46d9c3bb64a5589dd88a94197cf1bef4e9f78da1d478a7dd811800
-
SHA512
d65ac1521139a228c323e1aad83e098a30f15504d04e69dedaaf710d8efd5a3b09a3e74acd8c10634c1b7dc78f76ed7bbc262ace9fe14c40dfa8fd7fd1314b87
-
SSDEEP
1572864:Yj/0DTTORWkBG+LJ2zR3fHNdkBG+LJ2zR3fHN:rDfCWMrJ2zVNdMrJ2zVN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Revera_Guard.exe
Files
-
Revera_Guard.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 64.8MB - Virtual size: 64.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ