Update[.]exe | Triage

Sharing

General

Target

Update.exe
Size

336KB
MD5

690d8f6c1f851c93f19193fa7371e185
SHA1

133534549f259f5290637e36553eecc4bce1b6b0
SHA256

1349d69e8ce586fb70ec74fba945ffad2048f953fa416bd658ad4a1a8f084c88
SHA512

230d56204cd3e3aeb8dcf91f49bcd93ed9a0db2847e0343accf933e4061d52174f06f6798c05fe9d4535196b1acc41d72f64d3adefc6b757a095a18768260e6e
SSDEEP

6144:PLzJCQuGdy7iEjG8Voj1tchYqkkCsOdPQL91WmyT7O:PfJVra5NM1t5EOdw3WzPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Update.exe

Files

Update.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ