pbkhd5[.]exe | Triage

Sharing

General

Target

pbkhd5.exe
Size

227KB
MD5

d8d8cf5542ecaf98238b67ec6d4255ff
SHA1

613809af40d248c222c8ae1cd6d5059633bab046
SHA256

02bd0d28c99ebf9d729119b812197b82adb8dfb2d398066bee5fbbc314652f08
SHA512

b3a6cca5b98924f7f4606fefcd8379c0876f31e66c2161546ff478a7bb973cf2323949e2fb0055a06d74b6cc579c2ac54009f83c36a59b03e4b44eb7aee43cc8
SSDEEP

6144:XEoThtdEwdleam222lN0dC8ObUyksKmhKba:zTREYlevC8B+KmhV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
pbkhd5.exe

Files

pbkhd5.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ