LeKrunk v2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LeKrunk v2.exe
Size

3.0MB
MD5

468bfad47ef68130ccb2f5e266063df1
SHA1

8172035e08e3a92fc81b8d7e0f7c963cb0225b55
SHA256

14cf8139b6f5d916e94a94aab2c370453e360aab8b3abffb36af09cc8f3ec02a
SHA512

75b0b0d344811ba4b619acff6ba81d559b908b670d81cc7d5b0d08566c26c37f6fc89fd564e863ac9a56425549d719340930b98ae2e1716c491d4d448c46f060
SSDEEP

49152:/5Mal2G4RiugezQp2bt4dlW8AEI6xmD7Za2K1NFaqkclL22bAPN9jwsUdzEdTfjb:xMal2/03U6dlW8ArabnFp1L2YAVpbMhj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LeKrunk v2.exe

Files

LeKrunk v2.exe
.exe windows:5 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 506KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jrfottlx
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tjlcjums
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ