BuildService[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BuildService.exe
Size

20KB
MD5

410067625b0b9f14eb0981d242d9eb9e
SHA1

2315a5c30f3c2cb34a2107e5f9964209bbf95de7
SHA256

d9e0e63288f6d3b4d156726b1463019f83f2a0b7cfc2f0d34fe0e302c6a04681
SHA512

82d2d6448e850dce16835a772fa3cb41c823eccbab44a4920440b71bbafdd36be953c907cfac23e9b96b99635ca5420ece8c6b24420499e7862100bc7d17d318
SSDEEP

96:ukUhnECyiKUGOx7VKHMAA+S51817Mb51717YgQ25dqSgTzNt:QyiKUGOxBKsHGQBeetA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BuildService.exe

Files

BuildService.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ