GarrysMod-HammerPlusPlus-Installer-v201[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GarrysMod-HammerPlusPlus-Installer-v201.exe
Size

456KB
MD5

73bba87b99c8b6db9b9e90d991ef7bfb
SHA1

64bca9e3cf40086bd7eff57bc3eae9b22152ff80
SHA256

ff8fc238aef4081f7ceb9eb3e1afe866f75a2f95d3b72473db3ab51a980158af
SHA512

60ad4958cae660f8e3dbd90ddc28ff8abd14def1f76b3a6c488eead3f53f880deca270f49c837edbc13b41342be5553e55bb648387fe32644a6e88b684e80e2a
SSDEEP

6144:gs84E/BRxvRZVLlfh7rZthO+JjkuHEEAt/wz/60baxHUz84E/BAk:jE/BRZdfrXg+JwuKt/S/605xE/BP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GarrysMod-HammerPlusPlus-Installer-v201.exe

Files

GarrysMod-HammerPlusPlus-Installer-v201.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Main\Documents\GitHub\GarrysMod-HammerPlusPlus-Installer\GarrysMod-HammerPlusPlus-Installer\obj\Release\GarrysMod HammerPlusPlus Installer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ