SecuriteInfo[.]com[.]W32[.]MSIL_Kryptik[.]JTX[.]gen[.]Eldorado[.]28214[.]2563[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.MSIL_Kryptik.JTX.gen.Eldorado.28214.2563.exe
Size

1.9MB
MD5

a66b19091096d7db36c61e56118b427f
SHA1

2d2ed3fb837bc24b20ede4eee39a51e3c0b370dd
SHA256

be8ccfb19dab5c8d7b4273dc77b34c7ca0afea516e6bf85f607904345a3ad54f
SHA512

2920723a3dac6c535699c3740ad63e71cd68c83760d0f58a30d474789630f0f1d30e5492bc71ae3b1382e6f6c9ddefdad68ffa265d34aac4ea3171dc96e6b404
SSDEEP

49152:7w1ucZTOclUFLaDqF1O+h9sRYL6o2nLR:7mucZHCA+hG+L6o2nV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.MSIL_Kryptik.JTX.gen.Eldorado.28214.2563.exe

Files

SecuriteInfo.com.W32.MSIL_Kryptik.JTX.gen.Eldorado.28214.2563.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ