SharpWMI[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SharpWMI.exe
Size

53KB
MD5

fad751bae70e0b5c2f780703b9ce1790
SHA1

eafa0436520e02622954ed7f1de41e320900c50b
SHA256

c16171e3cced3151fee84c9623c679a208f464a979440e9d17a29d5e46324547
SHA512

5e54ba251a14143a45008e5156750f780ff4c4d65e78e940f7e5826d6870488593fd01d7d1bc18f23bee85a8bbc3db80364eaa6ccd432035d18440d08ced58cb
SSDEEP

768:hOKvazGsFtbZAgjg2o25c8m0NEot0I21PSee08VzMNUYaFtZcII:IKvCxFTM2o2aVg0IgSee0CzMIc

Score

1^/10

Malware Config

Signatures

Files

SharpWMI.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ