botkiller_v2[.]exe | Triage

Sharing

General

Target

botkiller_v2.exe
Size

2.4MB
MD5

393f1a65423bed5cd9fe07f0961c57fd
SHA1

24e44d12f7b480cbde26416ed0c0d5d6de16d173
SHA256

f5883a24e7944446c96fd756ff7903fb82d7af8eb3d67d4d45e05a9d6481d78b
SHA512

98722a4bfc30ba4ca2804fd18a2bec26c8cf4c55aaae29992067e7e212fb9b3756c3e67ad97623410dff780ae6b5e325427df51d4ccbc3b709c9291fe280dff7
SSDEEP

49152:N4G1qYbwVg9/146wPdppKF2gZKudi5HezLE06+3QXYfjbV+e:N5wSh146UBKPPdiBOE0QIfjb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

botkiller_v2.exe

Files

botkiller_v2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ