BLTools v2[.]9 [PRO] [.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BLTools v2.9 [PRO] .exe
Size

3.2MB
MD5

8c949c1a3189fc8845f22295ee72a150
SHA1

1df3585b887e077251008c68f233f128c08b0b74
SHA256

53b6b47c5dbfbb8ea17990309e9549acc44d8b5d4b1c9e76ec754653f5d31870
SHA512

b27d485b3cd4633edb245659c581458f20b67859f4e7d02205a68824d41dd216882989a807c01d5468e3f99beb78850fa7aeb217f7b8ac8ad30f3a652fc24066
SSDEEP

98304:Q8LdJUraeZZi032nwpT0LtehhSlwz5i6/GroQ:QwU+eXii2wpILtehhSluiWG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLTools v2.9 [PRO] .exe

Files

BLTools v2.9 [PRO] .exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DNGUARD
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DNGUARD
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DNGUARD
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ