FinalMom[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FinalMom.exe
Size

367KB
MD5

78c86840e4eeb66c8994aa9f86e514dc
SHA1

6079d4916752e3f6b643e6f4993d02b3b960fe48
SHA256

9d574f5e08306451be6aff0c22014023a87151a5ade385a9dbcfafcef6e9a158
SHA512

58b7fa42d12c9ef6a20b93feb373ae9f7a56515d78e3eed6f16b5bd184b307ef83623bd0fa343212f40a5233791452b999188b1dd82e017bdd740abb287bc643
SSDEEP

6144:uk+OzlPnIW3V+hh3hCxgELfj36jV4gDAhzWe01Lb2M6J:NhT03wbmjCg83tMw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FinalMom.exe

Files

FinalMom.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ