KarolinaUtility[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KarolinaUtility.exe
Size

1.1MB
MD5

cfef55c48b388a3085d574a03f98b74f
SHA1

c54ee4c110d92c2ff07bf68ed21ca657b9f247b6
SHA256

123fd815b92af6c4c427bb148b627b98a29ebbbaf94173b3fe25d698ea287926
SHA512

7cc7329aed2cf6b2d03806fe2b35f7a1350cef0e9d39fbb5742e8fac63ff0168a71b4ff3c5be4080a08d40226a474ee419ee0b0ff251a72088e82112174265d5
SSDEEP

24576:ZqXbKWqP0dLKDV+p8/8pjIiqLDwiiR3ltKgFyaQdxpThdpQwi+L75:ZqXbeKPUi4+RVtN/QdxpdvXiG75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KarolinaUtility.exe

Files

KarolinaUtility.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 32KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 906KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE