etw[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

etw.exe
Size

9.6MB
MD5

befd0bdbee7d5c63b1747d239b8ab296
SHA1

798bfe7d3d40d16eea922babb4e357f441d04aaf
SHA256

195f729ed21b848849a9d3c8933dea33ac02e73da3d5460a089660534e6d4dc4
SHA512

0bac8e662b7ab1433cd449eefcd5bfe91d7231666d3678a72516ab92503f0ebce98357a4d8c538a84864fd3f2d23608091b9ef15a8338dedd2d8ded92d90b55c
SSDEEP

196608:lLnyetP2T5qVCigYifTgG8hProtr6QfNi8FAj8Eoox:I6I5qVCHxT7OC6QzNo

Score

1^/10

Malware Config

Signatures

Files

etw.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ