e0b528e70ba1f1e3a7d0284d064bd06139f3e63042999ef9359522fd96d631c5[.]exe | Triage

Sharing

General

Target

e0b528e70ba1f1e3a7d0284d064bd06139f3e63042999ef9359522fd96d631c5.exe
Size

500KB
MD5

962abb66f08926b876fd06a4a2862eb4
SHA1

0aaf848f4346aad2ef05a520b5df195b9f86a27f
SHA256

e0b528e70ba1f1e3a7d0284d064bd06139f3e63042999ef9359522fd96d631c5
SHA512

18bd1983f174c767df2d840f2510c96a218056c17fbe903f7a573658713e72c011abb41091fd5d11d5bde1c1af22a5fdc530e32609b7eab91610071a4bcdba7a
SSDEEP

12288:zPPHFdeJq4wBEnSFnuIJYLPRtnZcankgk:z3GJ2pUIJetGZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b528e70ba1f1e3a7d0284d064bd06139f3e63042999ef9359522fd96d631c5.exe

Files

e0b528e70ba1f1e3a7d0284d064bd06139f3e63042999ef9359522fd96d631c5.exe
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

DllRegisterServer

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ