lboxloader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

lboxloader.exe
Size

13KB
MD5

1503278c5df7ca9d4f747912711deda4
SHA1

a2eb16bb6ff07bebcee2cb04f025ad094d0851d8
SHA256

698560d5bc415d8c07b2559c4d7c1d6a25c98b0e76574a3744e57821847dc296
SHA512

4b4590fe66b260e2995d77a26816c3664c861f5cefa4d1098d09ced9ef78227a59efd8a7a27df26a60d1d7d71bcc3c6b429e8503f87fec7348a313872640a42f
SSDEEP

384:1bRsYUnrMAgIdDkEvF3B6THGyvVPhapupMA:wYUrMcOEvF3BGHJTae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lboxloader.exe

Files

lboxloader.exe
.exe windows:5 windows x64 arch:x64

13b6781b251e80b616de3fdc2cc2b478

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ws2_32

send

msvcr100

atoi

Sections

.ZRSSMU1
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KNWAIE2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE