Windows[.]Service[.]Tool[.]10[.]0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Windows.Service.Tool.10.0.exe
Size

648KB
MD5

9836f0b11764082f7435b553e0a3794a
SHA1

5ce2eaf84e7581128497f3c7c6f5bcf58200e166
SHA256

70659ec93aae3ea8137dccca2a3753788c7c271c477ad89a22e30fa912cafd9a
SHA512

9caed3fe34619eb3bffc958b1d77199c7d90211b8ae305f7c12eb070b9b2edf5a603d162e4b4f53507721389c2f91a4b4462cb8db58a016e5730446b61e38d35
SSDEEP

12288:cAM+aVjNCRANUwdzjJ6dHvuHBmAiPHBBugVHt:ojNcANUyUdPEBm1HBBvVN

Score

1^/10

Malware Config

Signatures

Files

Windows.Service.Tool.10.0.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 626KB - Virtual size: 625KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ