BWRWinforms[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

BWRWinforms.exe
Size

145KB
MD5

865066ba3e42c20ec09dbc925a313617
SHA1

3e7a423c5e6d46816520c38c35875490ecad2cdc
SHA256

5ebb9eef7e8b202c4bdc5860e3411843b51be81df810b72bec6cec25ce1ebeb6
SHA512

87ef56386e0058f0d0fbfb8a4594556181c6cd7d4e185dd6c7d49dc1e7f76a630ab1376b88d08816cd659dae2f9566a215fc68c225961d9b91df23382cd032bd
SSDEEP

1536:oODP3+WW0CX9P7zdvUK1ooirAu3/ypZ9w/tmJ5CwhCirvx11owS4ek9gEkKeKfMu:oODP3+WW0CX9PSK1fCWF53/QyMwYzVy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BWRWinforms.exe

Files

BWRWinforms.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ