adfee2e5ba8060103f1efaee4bd045a7 | Triage

Sharing

General

Target

adfee2e5ba8060103f1efaee4bd045a7
Size

211KB
MD5

adfee2e5ba8060103f1efaee4bd045a7
SHA1

8b2385003b5d928045db231859f3c613534dc52a
SHA256

e7f9da296eafc01ccae99546c4add21f2db2e33c4cb8459d106294c4079e4f4d
SHA512

bdd5e0be3a987f07cb3839cf93aa4964f7bbfd0176c2d5eebe79d7d08fbcde4a9156d3f061d90a7fd2bb6b69ad660abcac35d029a091a42980d7ccea146b968e
SSDEEP

6144:gxZXG6ymN/oXXA9pQ8NvkMxZXG6ymN/oXXAVy:6JvRstKJvRs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adfee2e5ba8060103f1efaee4bd045a7

Files

adfee2e5ba8060103f1efaee4bd045a7
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Brandon\Documents\Visual Studio 2008\Projects\WLM_NowPlaying_Enabler\WLM_NowPlaying_Enabler\obj\Release\WLM_NowPlaying_Enabler.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ