BLTools v2[.]8[.]3 [PRO][.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BLTools v2.8.3 [PRO].exe
Size

2.1MB
MD5

6f99a3fb4950ab5f88420c42a5a175f3
SHA1

32b5ce780040b1f22f3b85ffbd56713f5cd25e40
SHA256

53e0ce2c8937f416a87baa2c37e252b5831b1dd49068de805cee163468c8e095
SHA512

1fb7dc52621d9e399942b665ec5eb39fea223e83d8a59b7c323bac13c4a03dfe7c96737d1c2a542dbcb04d0b401e8b72247e5b92f6a5535213026f395d680eaf
SSDEEP

49152:6vh7x2Xr8Klb4JPy8uBxX5OYPgrXrtqBRKhffHGEqVLUR+:4h7xir8+b4Ix/YrXZXnH8LUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BLTools v2.8.3 [PRO].exe

Files

BLTools v2.8.3 [PRO].exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ