ODK[.]COPY[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ODK.COPY.exe
Size

53KB
MD5

bef9d247ab62dcc5aa8a920b444f10cb
SHA1

e4a391c85a01196dcfdd8b55786915a5be157dbb
SHA256

28c6daf6ddcae46741fc7831935e65d31efd1154eb3229435476770e7e6fed98
SHA512

412cf39e2a42aa219210f23f5f69c736d8ceee3dfbf22ea9ee1836454ca2a5c8e75ce70278a89a3a2f507f09cae03e5a7be375b9f92659fb153a87a76e993616
SSDEEP

384:S85I2oLxH2KY7pAHGhZ2f9uZ5vaH+2z+kF23kn3h3kq3qPR050ww/XiUK1J3JG1y:OLJ2ebCyH+k+PcsdOJ3JG1qG+kYPX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ODK.COPY.exe

Files

ODK.COPY.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ