Bleu[.]exe | Triage

Resubmissions

16-05-2023 16:19

230516-ts1dzabe96 3

16-05-2023 13:14

230516-qgxl6aaa21 3

16-05-2023 13:08

230516-qdfjgahh9x 3

Sharing

General

Target

Bleu.exe
Size

6.2MB
MD5

8d9304e583f4e09bc979a4329e1725f3
SHA1

03e07b90c49d3121f0cf321fcb702d852584220d
SHA256

bde1e449eaaab9d9edb719d8eb4c915f57e2576abe4a227bcdfd9f8c1312437a
SHA512

a03b496d5d43221051a52b960188a35cce1b6bb38535ceff9ff5ad414fd3a42c35cbcb23397c693608379e1e8b11c1a89835f5524b04716ee4760b5b171f1550
SSDEEP

196608:c1iUw7KYRI8FIIIWNSiU6+bQiyNzDbbB:c1i5HFIIp9Qh+zF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bleu.exe

Files

Bleu.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ