Refbkefruvt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Refbkefruvt.exe
Size

587KB
MD5

a58ba28556b22b42763f7e250fb0a4ee
SHA1

1736c40a3405568ea7eb99626fc6787225081eac
SHA256

0ebd3bc3035a85c16d9856235d470598e247755fb4b3744c32ac6bab6c4d311f
SHA512

e2061c4c2ab471f4f6d7c9af420cb821f28b640f3c8b0a20fa7d994e36c0a1996922f84cc471e26518eeba3bbe059cb861371afb5c612327be9a9706f7f0abf0
SSDEEP

6144:hWsTS0AV13ha4LtgdA8ICUNV9xIm683GcS+/ccP+zwrC3vGIETPm3zBzPH:k3ltga2UNKsFSJcPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Refbkefruvt.exe

Files

Refbkefruvt.exe
.exe windows x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ