BLToolsMod[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

BLToolsMod.exe

windows7-x64

BLToolsMod.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

BLToolsMod.exe

Resource

win7-20221111-en

purecrypter quasar revengerat office04 downloader loader persistence spyware trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

BLToolsMod.exe

Resource

win10v2004-20221111-en

quasar office04 persistence spyware trojan

windows10-2004-x64

15 signatures

150 seconds

General

Target

BLToolsMod.exe
Size

763KB
MD5

869037e716218fb7551d84b8ce7d0ae7
SHA1

12cb776519eeb2d5e6a7ab1ddce3a09f143d5f18
SHA256

305cfdd7d464938cabe66fcf3116df431c10742c775a4a588d38349ea18a7fb6
SHA512

6840e10d1daeacd169dba4a0049bc3b9087726dd45551b9a9587d57ec45d926356ce1656a39fdf35c1acb4020c564ec1f6a910fd83cde99e3ff75195728c72d2
SSDEEP

12288:SAZdPU5ttcsREhy5IYU8OaNISOvsk0gnT467zpmw7OfimWm/YfdFxfJ:S2UVc+EhyuAOaNIBXnT46fpmiOfimWy4

Score

1^/10

Malware Config

Signatures

Files

BLToolsMod.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 694KB - Virtual size: 694KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy