sitool[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sitool.exe
Size

82KB
MD5

1283d861727a753010307190d9fe794f
SHA1

877bb46f66b65c15462f64c4c68c2c211a5ce346
SHA256

03438a4c5ac636136546718fe90ec01d9a48213bf01c09ce6bc1a440326c07ec
SHA512

a49b4c371405cb8e9917577076b05289ca6fb1bd005ea4bb8885d974ed884e301819fcf44467e1405010a91c8226e2d6aa97bab5bbe0fd57fa6ae47ebf275af8
SSDEEP

1536:5ICZOP4MGBjUF82Az2vPIUerNYXM9HPO0DfqFAQ:jYGie2iGI3rNYc9HPf0AQ

Score

1^/10

Malware Config

Signatures

Files

sitool.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ