lnv_tool[.]exe | Triage

Sharing

General

Target

lnv_tool.exe
Size

143KB
MD5

dd29334c7a204477b35835d0bc6e0072
SHA1

73f3cd3439689e9abb3f045edec3ea53bb82c3da
SHA256

740ed6d5e2b01e45502447edec4adcc8e67cee7043931223ed4500bbeb94512c
SHA512

1e7d913a5e0b0625d850b649b86a9c97ad754e5174be7a7ac5e464f6013a0bfa49e20307061a11c33b6260d7ef2ebc50eb246fa4cd57a1224a76fac538aa6f4c
SSDEEP

1536:0TtN3zJe7BRn7e24MDHpQtXmXlCMjXlCMrXlCMzXKCMw:0T/zJe1Rn7e24MWgVCWVCuVCwaCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lnv_tool.exe

Files

lnv_tool.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\User\Desktop\[tim scripts]\[latenight]\tim_durchsuchen\UserAssist\obj\x64\Debug\UserAssist.pdb

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ