b1cb10262377b585db71c939f17a1b2499b99ea20ba9b1c53fa649c3cd588557 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1cb10262377b585db71c939f17a1b2499b99ea20ba9b1c53fa649c3cd588557
Size

686KB
MD5

bdb20a5d89c7a9d8253d0cc3fa8d6c76
SHA1

a093939a6100c76f365a67184c14b516b65d0599
SHA256

b1cb10262377b585db71c939f17a1b2499b99ea20ba9b1c53fa649c3cd588557
SHA512

f385ed733c1394d66611449bcdd3cd2321cf8fe504e39750121ef9f76072621c125ca4b9eda13e026372cd08ff7914d037810a7c4a2e1a7e4b6e836b39998b85
SSDEEP

12288:kbBPJwKcI7aYkTiu3neMnzCrmUec/1wnVkmso8ghWms3U7j9GKLPo:GBhc6aYf2nrWKPcCkehWrkjgao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1cb10262377b585db71c939f17a1b2499b99ea20ba9b1c53fa649c3cd588557

Files

b1cb10262377b585db71c939f17a1b2499b99ea20ba9b1c53fa649c3cd588557
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

kllR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ