wells_fargo_checker[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

wells_fargo_checker.exe
Size

607KB
MD5

df28acf0076fffe3b4693e64edbf0cb6
SHA1

0b84691f6994c80730e8317ca81e75721ef0f324
SHA256

b4b9fc1eb2ee8e2ef5018448e58d16c73a881da6c516c49b4f9f5775b80b761e
SHA512

560b5807c7d074905eb72e407f5fab5411b7e8c182090686972c0070f20f91febf53ec0c364cac180c513eb45695f2988ad4ecdfc64e2b26979a2999596a7e21
SSDEEP

12288:sCIpQPxx+rwOeakChjDWTvxtwn8qbF4Vj7h6hCJlCs7OHxN:sCIpQPvAwdaPjDWTvx29bF4Vc0JosIx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wells_fargo_checker.exe

Files

wells_fargo_checker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ