userinitwin10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

userinitwin10.exe
Size

292KB
MD5

1792436892bebb1b117a306a6ac12428
SHA1

be3fe59893b4bee06fd8beef184b4dce4431fbfc
SHA256

f1979244a91fb2237b90024b7dfc1d1d8e4c2e85e1cfc7b70d40c4a78788143b
SHA512

ad8726ca0159fa1705585bd51427bb445f9c6033fc4a6c086fd69fef5d6b246e528fcc8c672a5c84b57e6f5ecbe397f5d0319fc704bdb1dcbc98da4020c41ac9
SSDEEP

6144:PbgdyCIzMEZ4DQ0SsG4xNAuSZG/+3NAuSZG/+MdyCIzMEZ4DQ0SsG4tq:PlzMKwtyCIyC+lzMKww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
userinitwin10.exe

Files

userinitwin10.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ