SwitchThemes[.]exe | Triage

Sharing

General

Target

SwitchThemes.exe
Size

487KB
MD5

2691f2fc4105ca0db20d5b67eb155b64
SHA1

24711d01f5cfbadf334151c53c2e3daff62601bd
SHA256

e842e8d33119b1ea43595975a8e42056e05bfaf5174dfeab1a0a20aa2577b080
SHA512

dad80700ec2c2c34f46c68b082caaa8a15463073193d487968fe597e3ac72910cb861a77fe46b63dd408bef7ee605292f73045f1248791a82b2cb17e1a57fbce
SSDEEP

6144:ZjO2U5+7yPaMvS0CDpKQH6IvRVMrIqbOs1gF6j4IXckQ0EijZJB24A0tmF6j4IXj:YA6GRV7k9wVKcP0n1UVKcU0nA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SwitchThemes.exe

Files

SwitchThemes.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ