OverwolfInsiderPatcher[.]exe | Triage

Resubmissions

07-07-2024 21:04

240707-zwtcqazhrd 4

07-07-2024 21:03

240707-zwbgxazhqg 3

Sharing

General

Target

OverwolfInsiderPatcher.exe
Size

577KB
MD5

de98fac959df70c20982417ea2bbe57b
SHA1

a35423ed27b2eb2086e1491a0085248b68c27914
SHA256

a7ce97708d6a93b4121c20a8caf3aa973dda0399179d6a215bbdfd816fb8606a
SHA512

82ac530ad95c807374b580d080b94a2b5cbb2e889fe28496c580a1cc167ce23a0bda675bc3e034e492305217ecb704dda086f44b65cdf89ea316d46400515dd5
SSDEEP

6144:GVOgrU9FaYwF2V5JlCsKw68nOBtTU2Rz6iTDYESNt5F9DMjHyx:GVOwU9FP5RNnQt9DY3t5w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OverwolfInsiderPatcher.exe

Files

OverwolfInsiderPatcher.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 563KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ