KRONIXSOLUTIONS+15[.]8[.]exe | Triage

Sharing

General

Target

KRONIXSOLUTIONS+15.8.exe
Size

20.7MB
MD5

0317c35152fb74a7204a15a7757e681b
SHA1

53a6703e05ca43364e00243e04fc0506a29f7c76
SHA256

1a6b64b0307a2ae8eafdf85a88b2b8c42b4cf26a22896f0abfd58cc2f86ef9a7
SHA512

204ab5638727e83ea3c62d2d4c921f4fcd76708f2fb4f6d95b0f4474a4f9ed7c2607bfea79bea3a8e56aa52c383f81fb513f07b823ee95eada32ca3488c77ffa
SSDEEP

393216:QC3OSNCRwvSx4vKskvYNR28evtxgQ3ieD+UQBcHBJvjYNpBGyo2iHXYn:BejqSmizn1bAcH7jIc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KRONIXSOLUTIONS+15.8.exe

Files

KRONIXSOLUTIONS+15.8.exe
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 16.8MB - Virtual size: 16.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pgkztkoc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

clyustbg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ