Win 10 Tweaker[.]exe | Triage

Sharing

General

Target

Win 10 Tweaker.exe
Size

1.7MB
MD5

22c5cd9005c07f1caad4c598969f026f
SHA1

33879fa035571b3c965d6953882de7a4b38e74c6
SHA256

a2bd05175b0a124e7a081a361df7ec0f4d3fe1d2f02ca9e7e19847c776989f94
SHA512

417c84242654b0021db8f0ab210aee3104d81e467b7e47ac55c3e8d1b60be5c5bae47f61047a5ac027cf771a5fc2a264d1949f1247c70ad819c9f87c053d6a32
SSDEEP

24576:PcV8ZtpBjbIhM/OPdb+ccGzTYJV80+K6LPlpxfMivxNK:UV8ZBjbISGwL780+ZLlpxfMivxN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Win 10 Tweaker.exe

Files

Win 10 Tweaker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

7n!bzhQ
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ