MU WindowMode[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MU WindowMode.exe
Size

208KB
MD5

3e2dfff00be5a0e1df4decf784f2f601
SHA1

c82f9cde4f3e00adabb033eb7e2a4f1b77817921
SHA256

31a7496f5a9104e14ffeb7cf9af4a1b7979325a93867ddba01f29df3a7311d09
SHA512

ea3e29eec8e2b8bf9a0a3a24a123fceeec2e366745525959d369a6ce1de2d95876b948f9b3bf59dbaa336b0148cc83c593afe1571b3b6ea1cf554c9021bc857f
SSDEEP

6144:EStNeqvGMvE4qvGMvElqvGMvEhsqvGMvE:7tN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MU WindowMode.exe

Files

MU WindowMode.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Documente\MVS_2008\[Source]_MU_WindowMode_v3.0.4.19\MU WindowMode\obj\Release\MU WindowMode.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ