DAOSavesV1_3[.]exe | Triage

Sharing

General

Target

DAOSavesV1_3.exe
Size

46KB
MD5

ae9f7e0c6268b01d0bfb744a4b3aaf70
SHA1

e375190bdd15b1db664e94f3b46b99a87295ea91
SHA256

5e2ff528e65a53af0539b1b3c44847d60a5be7daf300e93052fc85a5ff9d71da
SHA512

cc987d51765d33d50f9829b7c43fb5bb8e08b7aecda2ade540f408844c447d94ca247890fd82b426682ec24963f7b5f28b47d55eef3a255b1aebcafdf8e0d94c
SSDEEP

768:HRj6JJpb3WD8HlVzpnsjVygFek7eOXAQ945zHEVK8lYlvfo7bN1Mi4E:HQ/7WKzpOL5AQ94lf8WlXGNKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DAOSavesV1_3.exe

Files

DAOSavesV1_3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\PLAY\Dragon Age\MODS\IMPORT PLAYER APPEARANCE\DAOSaves\DAOSaves\obj\Release\DAOSaves.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ