HelixExternal[.]exe | Triage

Sharing

General

Target

HelixExternal.exe
Size

2.5MB
MD5

b2da2a79cd0124ecbe4ffa7032ac7704
SHA1

f79a634e65c6c458ee43a96a6a769cf10af2e379
SHA256

30a379807037d21efd8b6f5eb83ff4b0594b445701f518847c96b35bb63e4e9c
SHA512

43f539df5a439f6d7270c0be40fdd7f8bd17f6de0853fb20129f744dc5a7de276f964412b9cbd50df417232e79f2408a7af87c805d1f8df1e321d6ae58270f62
SSDEEP

49152:ysFJD0g5LKIswFgb1oOyi5qv4LpUEHO4Cu4xmfQdiLSIWwk2JNfqBk:50wswFgb1oOy74LpUDmfkiLKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HelixExternal.exe

Files

HelixExternal.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ