Microsoft[.]Windows[.]Update-alpha[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Microsoft.Windows.Update-alpha.exe
Size

4.0MB
MD5

61c4336bda889fd43d8cfad15a05f28e
SHA1

74f01cbc837aa9f9d988ab2be68859d028806051
SHA256

66134dc5e5305ca259b1cade99dc3857659a81e53c845044eaf12141aa64ae8e
SHA512

49bb7abfe1a21f3f6a590d56b486342e49bb768c25dd2abb1be98dc9460e6a5fac8c915843c5164ce61292e18b62c6d94c23a0fe9a5aa2d045ae3bf7d4cd5a07
SSDEEP

49152:tDge/dyED4MsFqfrRHV9+8eIz3w+4qbje9nnLIzbgR/NDwLMjEUEL/i/TABhii:pxdyED4MNf1vyIT9Fb2E/gd1wLMu/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Microsoft.Windows.Update-alpha.exe

Files

Microsoft.Windows.Update-alpha.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\VS 2022\repos\Update\obj\Debug\Microsoft Windows Update.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ