BLTools v2[.]7[.]2[.]exe | Triage

Resubmissions

23-02-2024 14:42

240223-r3a6qabc29 3

23-02-2024 13:12

240223-qf1mesgd3x 3

Sharing

General

Target

BLTools v2.7.2.exe
Size

3.4MB
MD5

528b540e2aec29669239482dc9979f4c
SHA1

1ea8bb0122777f6e4223820c7873486935123a6b
SHA256

28f71e8f8c650b109771f51695785420401839499e15e41a2c634bce4ab5456c
SHA512

f96bcc3ae1185bf1fba2f59c0550d0c721c4d5692e31d705fa5a8115699697c529b41aed54d4d7fe1b9754d6d21bbfd714c05a3add3b4cbe025cf089110098f6
SSDEEP

98304:yKujFMX60wFrNDSGH8Kll2KKsD40o+BSl:yKujF660wFNSGccZyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLTools v2.7.2.exe

Files

BLTools v2.7.2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ