ConfigEdit[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ConfigEdit.exe
Size

130KB
MD5

fbfe106b33097a65fe8f3dc6042b272d
SHA1

00d58244015169071298fbcf7817ebb6937159f8
SHA256

090d4a622cbfecbcbebf31c627bd58ccbaee4d0d948b8fa96c76ed21f79c60e6
SHA512

efdca83e2cd55d3fbe19e8e446b645113c7b9c216b323d6e01d5a2a26f69ca79f40cd433f8548d59efd97bb36b17a0f481bc9d82f7847c04f65add809c14ccb0
SSDEEP

3072:4FekNl119RzFRddddddhdddddYdXdvIIII5hnqLW:4r2IIIIjS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ConfigEdit.exe

Files

ConfigEdit.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ