rootkit2[.]exe | Triage

Sharing

General

Target

rootkit2.exe
Size

92KB
MD5

5651e7a81c8fb1fd46815980400e2a5e
SHA1

6ac8c6c10930701bca9acc90d1c05acb679ea0fb
SHA256

8cfbd820492a10d05d35bdc16b2a14c1e2cfeea59a7ac580d4ab31e2d9c2f02b
SHA512

68f2d92610ff1ec6f9c729aac55eacd9b6770772ebdca53f911165713ea895cf3b27119f799cf48c0ab8978fef6c6d9dcd57bb149e24f660c1af1d985faacd3b
SSDEEP

1536:1tyN2QvLnSw2tKKKuax1F8ujwxmHTMHreiQM5CC/Oij5UEd/7Fn:10N2ELnSVK5xf5oHrxQICCmij5UEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rootkit2.exe

Files

rootkit2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ