4RTools[.]exe | Triage

Resubmissions

18-09-2023 22:30

230918-2ezjhsfb97 3

18-09-2023 22:26

230918-2cjqaach9x 6

Sharing

General

Target

4RTools.exe
Size

3.6MB
MD5

cae68bd7b5874246f8eb0b3f54ad39e7
SHA1

73a59f80e6b138cd0dc6d3b278a162ef9954b987
SHA256

9218c686c937fa977fead2e644b196b80b7a2e46ceba9ac924f75361361c755d
SHA512

33c411cd2a5b07654596f783f30f602884c4c35852301afd784b6e62db27def2f032b146dc630784ec562335ee29678ec3a419e70ebbbdaae9e7233224a82dae
SSDEEP

49152:/vQZKTcBEOB84ke4Auyj3jQEta+xWw+W7SCBiVyLWw:/vQZScBjB84k2QcJ53ig9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4RTools.exe

Files

4RTools.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ