K[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

K.exe
Size

1.4MB
MD5

21fbd3320b4c50696a76f24b65ff9dc9
SHA1

9fa7ec155e1d0f4e96b7628096598dcaee1dd336
SHA256

2cfa9eb315e50a447c89fae1ca2850a61cf7f34b2f0b77b6c9ea20bb9ca86712
SHA512

1a4dde8a23477d0fb216036ad9c622722510560e7fbc97d7e513d78f1754f502694be6528e3eb089f0fe9a609384039d38b9a23ba4389ad619580015c36e01d2
SSDEEP

12288:R4Vg9p36ZO1Z2PjHm9K0kOpnInWZQzjFeM6DJOjB9sTTHyObjUleyF:EHm00kOpnInYQb6VOMQF

Score

N/A

Malware Config

Signatures

Files

K.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ