LSEPrem[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LSEPrem.exe
Size

15.9MB
MD5

6e3fc9c1658722ebf9b09c6b2ac1de7f
SHA1

791beeb9e9f5b6a0203244e51cd2a3d899619360
SHA256

4d06a0754d11f8b7e8d7239e3a2ed42167a1ce9c84fd0c48b6e9065fea156bc4
SHA512

808eee383473d5db9baa5adbc89329e5987b87bba903b926518621c2d2ee16c4b967c9aa426f1bb4fb76348fc56265b878e7c724ec837ec6919abbf6a31b3033
SSDEEP

98304:tG4Dgv9RfyczbnIOqc5nky85vjZMQs8Zp0hUARz:tG4Ps8ovx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LSEPrem.exe

Files

LSEPrem.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Creative Vault\YouTube\RagnoTech Low Specs Experience\02 Visual Projects\02 LowSpecsExperience Premium\Low Specs Experience X\obj\Debug\LSEPrem.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15.9MB - Virtual size: 15.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ