BLTools v2[.]4 (2)[.]exe | Triage

Sharing

General

Target

BLTools v2.4 (2).exe
Size

4.6MB
MD5

c7f2e182794882c0450f6674439d983c
SHA1

274bc5d7c138648b41c4b37ad43cc37e7e11f337
SHA256

a42d9f80ef502f004ebd0b850164d9706da51359f1bd27dde891c66f4ba8e55b
SHA512

e28eb29433df7690a61269dc10102e848abb479891345f49a9674c4c6e48a80f3f5875f53edd01b1eb4180e5ea8dfe2e2ff64eb94758297797225e5035ddc3e8
SSDEEP

49152:FGgrwa1MiyqaK5fiQhX7JUQMhlFD9hOovMWPPxy40HQKg:DkqODhZMWPE4qXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLTools v2.4 (2).exe

Files

BLTools v2.4 (2).exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ