VaM_Updater[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

VaM_Updater.exe
Size

1.4MB
MD5

4bffcbc5cdecd16c60b6838aaea9c1a5
SHA1

ed937812b0f7c4f09faceaced2756f47ff245f1a
SHA256

945b1a240bd592110e5e87a662b78271e1410b9bdbcabedc9de899f61ed501a9
SHA512

d056b549478d3be3863531c1c9866126d8fdf99a628f3b5760e8079042a60d699006aa0b3e78e70567533a9d4a1a766d0506d0b1d5c542ae8934e9c885535ebc
SSDEEP

24576:iaO0n/Sf771Ej0WvowfPv+RRIUkrfibqIjk2cvp4t0EOP6:VOS/sEzvrn+7IUsfibqIZcB4t3O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
VaM_Updater.exe

Files

VaM_Updater.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\cc_sa\Documents\VaM_Installer\PATCH_WPF_src\obj\Release\VaM_Updater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ