build1-protected-cmd[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

build1-protected-cmd.exe
Size

1.8MB
MD5

45eb6294692c6998120c09e6ee718db0
SHA1

3a1bbb2fa7c0de5e90abaa4fd2e75ea3b42d95f3
SHA256

8b928b6f398ae04497753b2eb03c0e0eeb8d24eab9e474fbf19678a3106926d0
SHA512

504f16bcc1eb4d72954907b3471c609da67844d8fefbcac10a9e8b5d4791a190748030320e547bf50a2d865be6b8594e4ec4294fa97a5552a1a547f9619b595e
SSDEEP

49152:yqMU+AuXhscnrYCpsqwhtmxVsXO7bOI6CJon4:LM7BecnrYVtHmxCXQB6n4

Score

1^/10

Malware Config

Signatures

Files

build1-protected-cmd.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 73KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nlhlxukr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wkradczn
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE