BOK9897863546[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BOK9897863546.exe
Size

684KB
MD5

6dd4e63b0bfd50741efe46da5ce9f32c
SHA1

d752128ae6aa7e03d71b19012f0319a04fd962ad
SHA256

85f953d72889a0c7dd1908d932854ce5999e6bf65feb103e611cf20e05f353fa
SHA512

dc1037493277585169013ad7afd2b0b5a9a10f913e99b3fdd5ac92f31cc7ba971ed807bf4887098a8231df83a1ed6207aeb3106e0b0114b52dfbb00a83d3b8e4
SSDEEP

12288:UApFWJp0PJIEisnfAWS9eVDFSPNlNxMfOJUKrLFAzNa4AA5GqOdiG:USFRnj5RorNxMfOWhA/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BOK9897863546.exe

Files

BOK9897863546.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 590KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ