HFlashPlayer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HFlashPlayer.exe
Size

33KB
MD5

6c52eb6343505125e91b788d603c7a39
SHA1

7112987259eb367d016e911a2d0afc94c31a0fcf
SHA256

05d59d0257868942f418f826695cfb3907ea0bc27df9885657526c376b8ec03f
SHA512

227b1ace54100864cb0bdcf58fe7e9edcf45c1d45048729383ec3e887f729c80422da289ea05a8eaaa048e2c542088012609aaed53dd5d345a4f11432a5e0cb8
SSDEEP

768:TPprSjI6nXqIpQ9ka3JK6nXqIpQ9kalJy:TxX0XqIi3E0XqIilM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HFlashPlayer.exe

Files

HFlashPlayer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

e:\HFlashPlayer\HFlashPlayer\obj\Debug\HFlashPlayer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ