AndroidSideloader[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AndroidSideloader.exe
Size

4.0MB
MD5

20947cc58e2add3e4b157273bad06541
SHA1

24e769605cf998cfb88b7425fbce274389040ab1
SHA256

989ebdeb5fc4114b6db0fc7f29e44e63ad42ece9842ca99a872fba33033f99bb
SHA512

896009a698abfcfabe0776bab2ebd3e570b0e3bd550b419241e1c5706940498a9fc1ca41b0b6352248a148781498d640d5d9c37381f2585978761a447820b296
SSDEEP

12288:QYGiwTOrVwTOnwTOnwTO9xpwTO/HwTOnwTOmEoyyN302V8gvp5bu9TlLfUTdwq1e:QY9jV//Ppn/0yyNEwJvvbuhZUTd+h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AndroidSideloader.exe

Files

AndroidSideloader.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Sideloader\AndroidSideloader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ