SharpWSUS[.]exe | Triage

Sharing

General

Target

SharpWSUS.exe
Size

49KB
MD5

37b1b821034ae172fc764bcae08bc5ca
SHA1

baad1e39aaabf46a8d7a5081c7b88b9c82d2ce72
SHA256

0108e07d10e0ef3a092c1490e3570d4740e2906178f2f997458a3e2a89cba33d
SHA512

40bd5c9949b860e8f6d22956cb0314a5b62c87f895282c36a0d8ee14f93268ce36784c518c88c5e5d7fa30c0a3a955a4c6ebe73b51d8edc751e9eac136f8d6f1
SSDEEP

768:8msEeeI2w0wGaV/mcZaq/wV8vcYoTByAcEYWd4YQrgX:JsLswfGa4yAcEL4YQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SharpWSUS.exe

Files

SharpWSUS.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ