BLTools 2[.]9[.]1 Pro[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

BLTools 2.9.1 Pro.exe
Size

6.4MB
MD5

d3b80d2e6480771f7e418d35fdee5ef3
SHA1

7d9f1c09aebbf199d913b911073c99792b315f26
SHA256

b1906ad0d515c2e29b7bf0cc47ea25cf0c63c6be5f828f5b73943f5e6915063e
SHA512

01e1bcddcd0efefcf31a65809be5d8ccb679870829cf08a4c8b4aa8db298b9b002ff8971b13321c9eb64b6a41dd70d5ca13e5a886395a2883013f939736dd91a
SSDEEP

196608:chJoo8pE2SNowmev8lJKjieK7adi6tC2w5hz:SeHSWe0lJP7wH5it

Score

1^/10

Malware Config

Signatures

Files

BLTools 2.9.1 Pro.exe
.exe windows:5 windows x64 arch:x64

Code Sign

11:f1:1e:22:76:71:be:a7:46:3b:fe:ff:c2:00:7f:88
Certificate

Issuer

CN=BLTools

Not Before

01/01/2024, 05:00

Not After

01/01/2099, 05:00

Subject

CN=BLTools

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:a4:95:77:7d:7d:fb:d1:c2:dc:c1:1d:41:b6:89:49:f4:8c:0f:63:23:53:05:6b:65:eb:43:f9:af:14:2e:ac
Signer

Actual PE Digest

34:a4:95:77:7d:7d:fb:d1:c2:dc:c1:1d:41:b6:89:49:f4:8c:0f:63:23:53:05:6b:65:eb:43:f9:af:14:2e:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wcA
Size: - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.EH[
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wT,
Size: 677KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 5.0MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

11:f1:1e:22:76:71:be:a7:46:3b:fe:ff:c2:00:7f:88Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

34:a4:95:77:7d:7d:fb:d1:c2:dc:c1:1d:41:b6:89:49:f4:8c:0f:63:23:53:05:6b:65:eb:43:f9:af:14:2e:acSigner

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: - Virtual size: 251KB

.data Size: - Virtual size: 1KB

.rdata Size: - Virtual size: 15KB

.pdata Size: - Virtual size: 14KB

.xdata Size: - Virtual size: 11KB

.bss Size: - Virtual size: 3KB

.idata Size: - Virtual size: 4KB

.CRT Size: - Virtual size: 104B

.tls Size: - Virtual size: 16B

.wcA Size: - Virtual size: 126KB

.EH[ Size: 2KB - Virtual size: 1KB

.wT, Size: 677KB - Virtual size: 676KB

.rsrc Size: 68KB - Virtual size: 67KB

.enigma1 Size: 5.0MB - Virtual size: 4KB

.enigma2 Size: 700KB - Virtual size: 700KB

11:f1:1e:22:76:71:be:a7:46:3b:fe:ff:c2:00:7f:88
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

34:a4:95:77:7d:7d:fb:d1:c2:dc:c1:1d:41:b6:89:49:f4:8c:0f:63:23:53:05:6b:65:eb:43:f9:af:14:2e:ac
Signer

.text
Size: - Virtual size: 251KB

.data
Size: - Virtual size: 1KB

.rdata
Size: - Virtual size: 15KB

.pdata
Size: - Virtual size: 14KB

.xdata
Size: - Virtual size: 11KB

.bss
Size: - Virtual size: 3KB

.idata
Size: - Virtual size: 4KB

.CRT
Size: - Virtual size: 104B

.tls
Size: - Virtual size: 16B

.wcA
Size: - Virtual size: 126KB

.EH[
Size: 2KB - Virtual size: 1KB

.wT,
Size: 677KB - Virtual size: 676KB

.rsrc
Size: 68KB - Virtual size: 67KB

.enigma1
Size: 5.0MB - Virtual size: 4KB

.enigma2
Size: 700KB - Virtual size: 700KB