AutoWB_err[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AutoWB_err.exe
Size

391KB
MD5

99e3589d649abf8c9d6bc564e278710a
SHA1

cbab23fd2f3153b81faf022a05f88c5add648d36
SHA256

9f6fa62b49f85f418227e79d2c6a88005b3e2799754c5afe0d5730b9bb845cc2
SHA512

bbe8753b0f521afbef7556dee35bc1d47bdee1a5e6300c3cec40a476daca3ae4ba7ce68ba75d373f8a67c226546bb2e874fadc5ebdcf51790cd6670b7af822ef
SSDEEP

6144:bk64FdlSkVvlhtrFeycdY2bki78Sk9lgIsmoJl9iSC+CinBx:bk64Fb/Vvl8kFSIlgDlnBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AutoWB_err.exe

Files

AutoWB_err.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ