Microsoft[.]Media[.]Player[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Microsoft.Media.Player.exe
Size

28KB
MD5

aeb351a5e37d5be69dc6a3dd6c33d963
SHA1

6ef8bcbf2d6d46bd252b651b56a013bc9821cd38
SHA256

bf6ce04bf4b4c401df0e859fe59630ae682e1f9562096addd77699c3bc6920be
SHA512

64904fe0413e430faf6e37d9efa59622593ab231b31aa94f50cf20fd87f38ce4000355c8e09f67c5a1d8954c0a617a3accb3bf32754f987f4bfa32257f974969
SSDEEP

384:vN7Jbw3kuidZHTQTR//Bp4HAX1paZsMYsTkiezoWQiHkfU+Wd0+FoNT7WbuTW:vN75w3kuidZHTQTR//Bp4T+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Microsoft.Media.Player.exe

Files

Microsoft.Media.Player.exe
.exe windows:6 windows x64 arch:x64

47b56cd9163e5e3ee34ff4f911ca974e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

microsoft.media.player

RHBinder__ShimExeMain

Sections

.rdata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ