Jlaive[.]exe | Triage

Sharing

General

Target

Jlaive.exe
Size

780KB
MD5

47d55a6b80b73d64031a4a9e3c4923e1
SHA1

1d3cfc1c8e6774cd23299da323724872e176626c
SHA256

eb396995552cf60b3dc1572e5b57572f8b4418ddc71aee0340d5da4be17214c1
SHA512

d2c29c46df9cbf6a1a868c0859a75041821abf8fd5da9c655ba6f218c4fff1d1eea29e1e62fc65b8ecbed425890a765ee1dd1c575c3a673465e284bb0bcfaee1
SSDEEP

12288:7y9VCoVD990usfOlCdXXJy1sw5D99GJuY9HArdopZdfrXg+JwuKt/S/605:7JoKdpyuw5D9wJWopfw+Jwz/S/6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Jlaive.exe

Files

Jlaive.exe
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 777KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ