HEUR-Trojan-Spy[.]MSIL[.]Bobik[.]gen-01bfd7fb272d685a1694e07e55a11f6b1a87ded3509383deda49b84be557c23a[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HEUR-Trojan-Spy.MSIL.Bobik.gen-01bfd7fb272d685a1694e07e55a11f6b1a87ded3509383deda49b84be557c23a.exe
Size

15KB
MD5

09adf655ea65c73f5019b60397378d84
SHA1

2753bdf5c3e4eb37b9e1c9925c94281a67c0aa52
SHA256

01bfd7fb272d685a1694e07e55a11f6b1a87ded3509383deda49b84be557c23a
SHA512

89d1f27bdc2a5a145238af09fa087fe9b7651487f9ba6f8dd844fb14683113b93a3eb2e5e6ffbd00117545731fe4788be8d5afb340664326b94e97c788c6bb88
SSDEEP

384:TWPesLHennLmiSrLkhrY2EbuO10sIlyu2nf2:TWrHennLmtki2/sIgu2u

Score

N/A

Malware Config

Signatures

Files

HEUR-Trojan-Spy.MSIL.Bobik.gen-01bfd7fb272d685a1694e07e55a11f6b1a87ded3509383deda49b84be557c23a.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ