KHSE5UT[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KHSE5UT.exe
Size

1.4MB
MD5

c7d32161beaffdf4ba4e3f3e2356ed44
SHA1

2cab13b700967c0ce3b7be88fe05eedb0877f9b1
SHA256

47ac6c5bb3767d886d707066a13980b80344ac992b8d88b56e4ff06b7bca01e2
SHA512

e847a2d0823740b954a06bf636a1740e62f8c707e6afb8e405b9d5ac775138734491289cc1e7b99d8f73a06bae0b3cc4ced912b0b33706659f6692f960b72087
SSDEEP

24576:8pil1ORXdimghGhnQn5wL+o5w/QywbVSOfxsZtlLwFIneS6l/:w5timghPwG0fxmj+6E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KHSE5UT.exe

Files

KHSE5UT.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ