VortexLnk Builder[.]exe | Triage

Sharing

General

Target

VortexLnk Builder.exe
Size

453KB
MD5

09166cd27f846edfc7b7212693b4a180
SHA1

5c9c204ff66d220272bc3b440b55bae50adfdba1
SHA256

a27d4fe663e034e3b52f3d31c5ba88c268d26a48ced5546801d559b51c6dd2b0
SHA512

94cdc06a126814713e3b40fc4bf0e54ee58094620c50bf98dee633c51a296aac3f70a003f0bcd2352f79b4785c123bca10e25433b1ac5fdc0becb89585403bad
SSDEEP

12288:jVIHd4PdN72z2HM82J0QTUzuEw4ACacL3Bx4:BI9AP7UI2ZTUzU4ACaOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VortexLnk Builder.exe

Files

VortexLnk Builder.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.A)_
Size: - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.+q:
Size: 434KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ