PowerSettingsExplorer[.]exe | Triage

Sharing

General

Target

PowerSettingsExplorer.exe
Size

96KB
MD5

9b4771aeed9bd415149eb762b959f1d4
SHA1

10b16283ec4e58c1745c3c2c0ab19a751201bc82
SHA256

800df13b14449e0a00a02764586e0ea6ec19d0f2efb8d778e0daaee3585f16c5
SHA512

2eb551234cd3fb63720f3f4ceb7f6341ccea395d7f98af4c0d40de432b5b54d0c460b9351b8d18250e26561d08a41630f1530e309d9dc3a9f3387424eed7622d
SSDEEP

1536:t2OiDShmUculhPFQswXXyHVv1QDm/LyMwQg9S1DUFY+++++z++X:tJ02lhdQswXXyH3LEQg9S189

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PowerSettingsExplorer.exe

Files

PowerSettingsExplorer.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ