Microsoft Toolkit[.]exe | Triage

Resubmissions

03/02/2023, 12:47

230203-p1b9wsfc94 8

03/02/2023, 12:45

230203-pzg4raag8x 1

Sharing

Copy URL Twitter E-mail

General

Target

Microsoft Toolkit.exe
Size

53.4MB
MD5

81862f9f2483b4cfdfa2216cbecd7082
SHA1

276852b917be84d0b1c50da2083c75d032a79c46
SHA256

2e92cb961b0960581e9f2825d9c863cbdaf7ccf478d1bd6913a5a01a51b78603
SHA512

0c75aeed4d3d5b4d623f51343025d61092d890a389116d72d12d0c8cd31f817ca108299420920d1c00b46949ff8263721247ea4a63d3a10dcdc52b591b32beba
SSDEEP

1572864:ZQoeqHTY0yqdlo+B6zlqjLx10iQvKjc1ImSBiX0mlPP:ZhxHTY0tbonojLLVQvAXmSE0u

Score

1^/10

Malware Config

Signatures

Files

Microsoft Toolkit.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53.0MB - Virtual size: 53.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ