antbd[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

antbd.exe
Size

12.2MB
MD5

1e25aba42b47bc31c6cb50b92125dddf
SHA1

8e6c2d9d8e16805de72eca40a8db4ad3123df49b
SHA256

e20124da608445d9df1c71b1ad3530331a86b773b0b2f6a43ad32ec3d061a297
SHA512

6035464800d5fa2c50a5a2d7a1d23bf82542058c628d0ac1ce2b10558d8b0a4cbd9d006d32082d9b0f085653df9a152ef3bae9484027621be014f963cb5fbfc5
SSDEEP

393216:dDjJs+1GTZKtomDWCrq4ZWpY+MIIQXEOWHA:ljJVGLZMq4wp1MIZXEOWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
antbd.exe

Files

antbd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ