Windows Update[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Windows Update.exe
Size

156KB
MD5

f183cbb06a3dc03eb2f62f8849f26461
SHA1

2775753a15c36a4c77f5ce14f5b078f13da6a195
SHA256

940d9d95e0e14582997dd6684f6c384d96aaa0953cf9f80b791eb789954f71e4
SHA512

6bd7c9922e974c2e930021aefe6eef6957470865fc1e958fae9a82587a135c5e7bdbab2ffffb32a1bebbf5654a7d7c1b228afbd76f0da10a1cb71857b141262f
SSDEEP

3072:DiSnCWbFUZSNvrQnZvqV+lvrQnZvqV+TUBaNqvrQnZvqV+H:OSCWbuZSNvrQtqclvrQtqcTUzvrQtqc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Windows Update.exe

Files

Windows Update.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\junior\Documents\Visual Studio 2010\Projects\Windows Update Center\Windows Update Center\obj\x86\Debug\Windows Update Center.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ