ModAssistant[.]exe | Triage

Sharing

General

Target

ModAssistant.exe
Size

983KB
MD5

5012dac274c8eaffe841ae904267b67b
SHA1

0d7f4d9ef1a9e76a222d355b44b8fb88f3a062ef
SHA256

fb26a91bc5c1c194e3eb3c0f894ba5f4987c274ed39ddfc50339f7167ff588be
SHA512

ecaa5da85f6c8ee62d13e1a0b414d31983694029a053799b43daed1bf8e3a99a9834621ee8f2198abaf7001e957e68ceaba8e3bd5805f06d11bc8a4cc28f31b2
SSDEEP

12288:NdzGb7XTKA40OCMjHO8o1lmR2oT53dKrtxeCfgFb7jteYx3QI6x0u+Ac/Krtj:N8PtZ6ESCmb7A2U03Ac/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ModAssistant.exe

Files

ModAssistant.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\ModAssistant\ModAssistant\ModAssistant\obj\Release\ModAssistant.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 858KB - Virtual size: 858KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ