WindowSc[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WindowSc.exe
Size

239KB
MD5

8c57b78e99249c4a822f480f38dfaaf6
SHA1

48f8492e8bd345bf7b5573b749295d1935235b35
SHA256

fba2cecf33c4c2aabdaec744d8ffbeff517b3b5c2a8c5f34c7b3e5eb80bdbc9a
SHA512

83964768f1eb5c3aecf8fc0df703ebd803b68f0072ca588d11d2fdbd268647b548ad62fbd19eaa432e67fefb4cc097b8d8ebd5f5d8beb415b8d010b0e2979168
SSDEEP

3072:olQ9nPrYgVvNRy3z7K4r/EHBAnpK37nXH8o00MqQ7n/PsT74tyJTOn0K9bscEpc2:qQ9FhrMz7Kt8Pj/PeO34Ppc9PdHTJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WindowSc.exe

Files

WindowSc.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ