Epic games Installer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Epic games Installer.exe
Size

22KB
MD5

3657c26a4135a1236e2d2700144599e3
SHA1

041b779ee445e02164a637a6be06b5aed1319e0e
SHA256

ff8b05d840db7677f6b1b575348e8c2c4a65e9fdb7497e4e4bdd3502241068b2
SHA512

0f40e3d88523ecc8346111461647b28403f526696aefce3683ade0a0bc8e666921d92cba1243a7e76e80ac983a077352b336fe88ce003bab19358e534f290a39
SSDEEP

384:mafb8xJWrA+9MghHL7xLfDSA2VL3LKLj7wizHVrkvwKwq6uSVVQ+bxfReCdn9Mqa:mJghr7lgpbWj7wgHHY+dReCaiT5l3Trs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Epic games Installer.exe

Files

Epic games Installer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\coole.DESKTOP-LSMLNC8\source\repos\WindowsFormsApp1\WindowsFormsApp1\obj\Debug\WindowsFormsApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ