HkWLmQWt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HkWLmQWt.exe
Size

38KB
MD5

04c330fa2d1ba82908c50e135fa636e2
SHA1

6d2f8cae54d9ea8287aa65b49ea8379755c27558
SHA256

28778047d8ce310f9222cfe6886b23e26f5a8816db55011267e508ebd21b5986
SHA512

b5860c55e830bf13a57c57aaaf8f431576e8b5d47b07265996d0636014d9281728852024315e1f1c41bf57e5930027c3e036d4a0ed036937f81000d8e3d249e7
SSDEEP

768:8HaGmJqj/DkKqn5FKwQE8IWlReWfDWf9zTjaCuGiyqV:sfqqj/DMFv8I8ReUWflaCoV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HkWLmQWt.exe

Files

HkWLmQWt.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ