BL4567GH67_xls[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BL4567GH67_xls.exe
Size

756KB
MD5

8665c8785dad3abba62da60658d1f4d1
SHA1

57793130a620590d01138c50dbaecf5ada3806d1
SHA256

cd00f31be2b7bb08d5e499cbe39d3ab9d5aac66ba0a5e5ffc3e97bd9cc598fc1
SHA512

ddf278f2766f6deffe5bec4652df3e414f42f47fa9fb5ef7f71122af4ece2fb8e247338329fabd4f11866a1e645b5756a9822c328a648ba56086a94d3a7cb9d6
SSDEEP

12288:RvNR4EoOBKMNHlgCZP0MC3VMUoST0uG04tGs8JvRoIii3QlfoCEMCsOhHogfln:1oOBrBlr0xFMUJCas8JSIiuyfoC7YP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BL4567GH67_xls.exe

Files

BL4567GH67_xls.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 732KB - Virtual size: 730KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ