Kyir[.]exe | Triage

Sharing

General

Target

Kyir.exe
Size

243KB
MD5

0dde4ca1f4d1fb64473b185030903770
SHA1

5735cff4f6b83c3b4c2546f5904bb6d36cf99ef0
SHA256

6adf90cf9e5302ad8c74b646690c48671cca034ffc697c9dcaa8d9dcc896cbb9
SHA512

ac693991567f39568b9c96997215b4b2679633fdc45bd5c7b6f71d61add6e06ba01a93f0668d2de353cc74ab4e5d2290e3cc0f26e352d176beb9256196fd810a
SSDEEP

3072:q0u3H+4gohfMJlPwIydQdKKZwbURvzMjyE7U4ng0oO20ezQHKELa:eH+4gAUJlPAkgyvwjyEvg0owe8qEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Kyir.exe

Files

Kyir.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\aural\OneDrive\Desktop\PlayTheGame\Kyir\Kyir\obj\Debug\Kyir.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ