k5ex505kfke0heke[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

k5ex505kfke0heke.exe
Size

483KB
MD5

2eb0d7d44290958826d9fec6ab15ee4f
SHA1

82de04cb41df2c07214ef5c037f9d04a7e88a0ca
SHA256

88627c0d9b279725bef460bf4ec4d7f7fa7902d834db5df529d06c7ef2b00f5b
SHA512

5f70b43684dd28388bad486ccabb6f6d34def0e42033dca3d162d0f415e81b80f2b0795dcdb436dfa96de13995dd87cc7b1a18deed8806529bcdec9c3d8bc717
SSDEEP

6144:7KhWCXjOya9B+vPHj0RFakZEGWpCb/cAtDt9Jcc3Qq39xjR1bUHee77AbNfUDjw7:OhXjXAIPD/kZ6p+0A59de39jw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
k5ex505kfke0heke.exe

Files

k5ex505kfke0heke.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ