savegame_reader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

savegame_reader.exe
Size

12KB
MD5

cf589b176d283abb11ba6bb3f3f6318a
SHA1

b63a6359535410e5ca5d6c4b03d48c81e2990e3f
SHA256

5284903d72d690c4fe574928ece209fe3cb38ecd8637e3ac3a98c74eca539d14
SHA512

5ca7f73e888c08f45358fb785efa6d902f9664b523b5a8d53b3798c55d1c14bb283dcc030b1e7b7787a7e0ebf2de36a77985884d077fd6118914e1cf07400be6
SSDEEP

384:QqaGs7bT/NWDXnkb67zt9sD4hupp1CUsFif2nR0:QpGs731Utap5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
savegame_reader.exe

Files

savegame_reader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ