ModAssistantPatched[.]v[.]1[.]1[.]26[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ModAssistantPatched.v.1.1.26.exe
Size

700KB
MD5

378297b6638fc4142767a9a33d5a831d
SHA1

6ec20037bbeb92d6c2da30f136392b8db0def7b6
SHA256

0f6541943e876ffda0481c3052dd635e621f0ed168d3281ee2bc000f78a45ff8
SHA512

4522ebbf027263a0b967961e7b2807e705828b1fadcf7e0c218a7dd62c31ca6f1d190422acd78d7aedeab9f2fa5a5377a6cd240c8f447975ff83a9e67671f016
SSDEEP

12288:6DWldH/qIvIR3fVMBr8iFR5HEtdSKrtxeuwtn70KrtN:FGmES/l0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ModAssistantPatched.v.1.1.26.exe

Files

ModAssistantPatched.v.1.1.26.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 575KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ