HedgeModManager[.]exe | Triage

Sharing

General

Target

HedgeModManager.exe
Size

22.9MB
MD5

678c5ed9e7612951528454a00fb5885d
SHA1

d2684c56fd148f6e262a4d08cb9b42617452c290
SHA256

f5355108900cf137527f4b63409e4271cec35667049e4557e03d42b763e3a9ab
SHA512

151ae13b9bf386f4d15053644407530335d918e600359903c444fdd5875e406bb05567a2bf827a27077e4cd4f673321774b7567239855c7e6e2b461a45f922e0
SSDEEP

393216:aDHtud5flA7v/83r88j62sYa4nUwKTm7S2hy0VjDEALTfYdW82t4Zngpf:aDH+NWv/uIC62VnUwKCS2hRLTf82Mgpf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HedgeModManager.exe

Files

HedgeModManager.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22.8MB - Virtual size: 22.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ