Oziris[.]exe | Triage

Resubmissions

06/08/2024, 21:16

240806-z4frla1bpm 6

06/08/2024, 21:11

240806-z1kals1app 3

Sharing

Copy URL Twitter E-mail

General

Target

Oziris.exe
Size

1023KB
MD5

b0392745a0ce08c777beca0f861d078b
SHA1

3bdd4898d28a250bf0d0d18f2bd84a22cb087079
SHA256

802afaaededc61db5de76d3363034c89307c0e1f94bef30a8da1a22e91d45625
SHA512

6e2eeb39ea9ec5a41a636f52635ef8df2260ae5089bc513bfffde91c46d559d8c5a6decda83acc81872428465f48adce9915c990ee0cb6875a2ba67abb863df7
SSDEEP

24576:IKIGSBW6+D16oLJgOxrAZMcCFlhZ36uiL2S:ILGSBW6+J6oLiOxrAZMcCFlhZ36uiL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Oziris.exe

Files

Oziris.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\HJ\Downloads\robloxuitemplate-main\robloxuitemplate-main\VexioExecutor\VexioExecutor\obj\Debug\VexioExecutor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1020KB - Virtual size: 1020KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ