Forza Save Editor[.]exe | Triage

Resubmissions

14/10/2023, 22:58

231014-2x8j5seb45 3

Sharing

Copy URL Twitter E-mail

General

Target

Forza Save Editor.exe
Size

6.2MB
MD5

90b3c09ef907b8a439f91b91bd07f6e0
SHA1

6a73412a5afdd48e22466939acf2f94cc71a506c
SHA256

d58f4d63f405092d0d8f89382bc20e53a4cc48f153f84afbd3874dedde1b918f
SHA512

6f58a2af5b718a6235f9d19d0ae8a8b1519d49110438b509671c3e90809e2545403a955780293eabf44ff358731a75aefa004933d001a683eba054edf679e4b7
SSDEEP

98304:DOKXdZQsz2Ev7KEruH9faVuskghQ+F4Cj5k+biapSEYhxISDfnH63g1+D7oU+sF4:DVz2EveEI9izkEQXCj5z8p6wCo4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Forza Save Editor.exe

Files

Forza Save Editor.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ