Static task: static1
Behavioral task: behavioral1
  Sample: BG3ModManager.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: BG3ModManager.exe
  Resource: win10v2004-20231215-en
General
Target: BG3ModManager.exe
Size: 710KB
MD5: 428688620db9cbbee8cba82c72bb3ace
SHA1: 7354c01e10233032538a11b4bb1edca1c427caeb
SHA256: 851beb66763265cd7ae6f4eb97a23da10ad2950db5f5013238a1b4ecfce468af
SHA512: df7ef9d3a500451f234e27680b7ec9629e25c2993d27d5d833b3d2cc04be3814db255b1d24a6fa8b8b135d598139348605a3af0df98e62191ed5bc30b104c5c6
SSDEEP: 12288:bEg6FwIvCpXlGkWiw2nyBL8JvRkiZ1vhd:oDwyCpXlGkUkyBLOkiX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource BG3ModManager.exe
Files
BG3ModManager.exe.exe windows:4 windows x64 arch:x64
Password: 4466
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 687KB - Virtual size: 686KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ