vxlang[.]exe | Triage

Sharing

General

Target

vxlang.exe
Size

8.8MB
MD5

e5f7bc79431508e6ad375d7331a67631
SHA1

332969414d9d2fc467709e18e28d4240f118e9ef
SHA256

92827841c0753ded07353f9d14b983b5720740fb556b948a7a2b43bd22e7e323
SHA512

e1b14f33a7434abf7eeb2f5cc0456cf8570811b2e4047400b34e65188c58d885dec2dff5fce4d35025f8e509bdb1d31b7df4ecfa1ed113dc7cb7c0eaef997dbc
SSDEEP

196608:43YD7Xq8L3aM1teIetKAWmCr3cifGlvA5zidXDFqz89VOl:4a7Xq8rakSVY9cI5zidzO89E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vxlang.exe

Files

vxlang.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.vxil0
Size: 7.9MB - Virtual size: 21.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vxil1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vxil2
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vxill
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vxilx
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vxil3
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vxil4
Size: 44KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ