RunMod[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RunMod.exe
Size

42KB
MD5

2eb489d10f6ff2b0ced37d6b9a8036b9
SHA1

d55c3a1a6629e6fe27002b8f45686c40bea7911d
SHA256

88614eed57da41ba66085f690ae17702e95da14b4a03b8050ca6878ee44e3ac9
SHA512

6ec828d9fbf6fd29a2953a0990cc8cb739cf79c14c30d7f1ca7e4cbf56f70bcb1964cc88c44715c50efb32822e93d4f052efe8433f43908f7e0b4119212e2fbd
SSDEEP

768:oIARzlCv1McEB/48v8MruHt1u7Py/E19m8x9mOT:o3eU8NHcPj/rV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RunMod.exe

Files

RunMod.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\mvs2013_projects\mod_launcher\mod_launcher\obj\Release\mod_launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ