AutoDrawer[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AutoDrawer.rar
Size

491KB
MD5

ab342b62941b0e48fb3541c5fea5f722
SHA1

7989dc05b322e52464948838b9a88683440a9484
SHA256

f045c5fffdd44b8e8b001a85f8daea914327685c63d7acbdae620b1922111848
SHA512

5589a2e3227480a1ec22d5d819dfc82519aabaf99ab6fba0b8e5f26faf03ac8d64d2b03b6b69826283c88b554d8b2f6519f66bf1998cfbe382872cba1238dafe
SSDEEP

12288:oKQhQATlLWh7136vshPGqq4f0O78A+XyZCzTNqMFSha1X:oJnTlSJi4eq9f2VZq2Ma1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AutoDrawer.exe

Files

AutoDrawer.rar
.rar
AutoDrawer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Alex\Documents\GitHub\autodraw-roblox-SIydge\AutoDrawer Program\obj\Release\AutoDrawer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 778KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ