hkcmd[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hkcmd.exe
Size

548KB
MD5

86f23924ae2df7830940e8f8b51e602d
SHA1

049548115dce7b49b97865f550b559041b03a76f
SHA256

1837977343db27c358f1e1591e4aac16bb0cbd920ccb5663c2d4c7cf1baa1067
SHA512

74a045eda4023941c96ac027e3fbc37f548b2efe47a04f74d105f0e1759c7455da09c4610d1a46a8a78678ea7cf3963e17198701eeaffe5a2848c19088c618c4
SSDEEP

12288:Tv2Aj8FwLm/VMmXmiyb8kIVz6pHj/1tasyvucZptQ5Ic:TuAj8F6QjmisIVepZERvuSptQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hkcmd.exe

Files

hkcmd.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 546KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ