HWID[.]exe | Triage

Sharing

General

Target

HWID.exe
Size

149KB
MD5

2c1ec91ada25a4a34441200dd9773c2a
SHA1

80154f3f48a32866de9742bed33ebb907086125e
SHA256

0f8980228acd3d9dd7bc9208c13a68b244ee903212327e4d350a82010aa37993
SHA512

0ff2d7b2ac069c8bb2b381333f896b2d09ee0c0ec23b1943c35ae758adc71bd34c69502fb22208b1bdb568bda8a908ed548f407010d09532664b02d83fde5b99
SSDEEP

3072:+r8dXu13UyQlK/UbZcZJuQCdM79xQbj8alpC5cgiTWMolM2i:+r8de1krcsbQuQpUQallgiboF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HWID.exe

Files

HWID.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ