BuildService[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BuildService.exe
Size

20KB
MD5

d48ff3a499e7e02b08a2c48cab47c794
SHA1

ed26dc65fe588ef9843d6051768bcfda366bbf2f
SHA256

4e231f8da752dcb53000b17f419ac5bd6f91e7b50057b09f351e31ac84079260
SHA512

d91b60ffb7f6b8e8ef3478f611e281be4b49bc1a20bdd9d707d786aca392313e2809fa60b0999ea38574f28200cf45a162f4571d5804b73bc5e40dfbda024584
SSDEEP

192:xLBuCTM2JGRSFJbqHGQB5fthNaV2wbG07eX9DYNQ:xLBuhc1qrfthNA2wbr79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BuildService.exe

Files

BuildService.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ