WriteUpdateFile[.]exe | Triage

Sharing

General

Target

WriteUpdateFile.exe
Size

16KB
MD5

72bfbd505db33d8b303de2a376e04d84
SHA1

b51ed4b3b35ed2daddb89cea4d6c02f2621db6e4
SHA256

0a580ed0cfa546f26bab72456cbad0e35bd64948d0d12f8aa9eddd2309a612d1
SHA512

099ecfc0cacc71874e3bdf9425ed073b3b31157faacc720f1b28ec1b736a520084348925c30813c98226ceae5a34fe4e51da36d0abfab34ad59c1f1d6792cbdf
SSDEEP

384:e+030Ol8W8JYzzLndeL8Zm7HIZ7WISXmMUbU6UZULYlEe/3SLO/vg9RFMpMMMq+:Gl8W8iPLndeL8Z6HIZ7WzSj0M2pMUZVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WriteUpdateFile.exe

Files

WriteUpdateFile.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ