BLTools Patcher by L1nc0In[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BLTools Patcher by L1nc0In.exe
Size

177KB
MD5

e98b07d69d90ffb94f3abd8fb3027318
SHA1

f85c9a4167de4f0561abadcecb2126f584b8d7f4
SHA256

3597bc5070542696887fad756317cc50f087b225409c2daeda59a1fbf5a83a87
SHA512

245a29dc7410496c051ec4f5c773550931b270e51a66b01ba01785b0332a9b656c9021082cd9b1a59b305083d13d481dadf62168703bff3200170b6c8d6ffcd1
SSDEEP

3072:OgdmMVE/b3Q77+x2LwW6QzFxdv+cP5C34gIZrom7lO08CFq5e2+e2RohC9nil:9tETc7m2cNQB+cPQBIZ/7wxeA2ShC8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLTools Patcher by L1nc0In.exe

Files

BLTools Patcher by L1nc0In.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Marat
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Vova
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L1nc0In
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE