XLT0090008000000[.]bat | Triage

Sharing

General

Target

XLT0090008000000.bat
Size

518KB
MD5

649aa1a7fb22bdde7c2aebad8966d777
SHA1

d23b3f34acf8c41d0aed311c12e110d5cccde806
SHA256

b5b00d9aeb01e19c7c47fc3ef26eb6b232369156e889349897e24a590ad5117c
SHA512

a428717a4ca9d727ad198874c165af84abee3cd54a5692db3f30da367f87283208fffece4b39c2433d0bb07284f0f3b5ba06d611fca199d85fe0d883364df31b
SSDEEP

12288:fok4fD2S+Z5m81XkqyxJZwR9f5RUsk6ceXh6:fd4bzm5m81XkbHml5isk6L8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XLT0090008000000.bat

Files

XLT0090008000000.bat
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ