NbtStudio[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NbtStudio.exe
Size

1.1MB
MD5

361ca552476bd8b9c5aacaf24ee7a233
SHA1

102f25ce3319e2e0f3b86a8b0d15fe5336deaa23
SHA256

c062995feb3a6eaec4e8448dc3e5aec221efe1017cf28dabb75fecb6bdd6a6dc
SHA512

0d8409578bc93b89061ce34bc1d724d210ec5116133f56c799a756b71c861354a3559f23465e2f68c26233653454c4d53f35d36c1616bc4edfb3c4b34db4e26b
SSDEEP

24576:JyC4lgUF1y7smR96EeJdwlYvN/vbuhZUTdNjgQ:JyC4lg+1y7sm/6E6ClY13bSQ

Score

1^/10

Malware Config

Signatures

Files

NbtStudio.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ