hedgemodmanager_69de8[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hedgemodmanager_69de8.exe
Size

22.9MB
MD5

c16b5748b56dacabd69a1668b429ba49
SHA1

69c3fdf107af0145eabba7ce9fd37811cb1cb979
SHA256

420a67fd368d383cf50dd52d4fcc292f86107c25e96e751f0556f6da14afccc2
SHA512

1fca090804082e1f5f0272a276df847d3d647859e1387e3a9b1eab53f3d020556b24b3ed70475ab23f9eb6b5a9d03828e56df9c21af5932abd3dde5770e0a6dc
SSDEEP

393216:YD9seKX0eelA7v/83r88j62sYa4nUwKTm7S2hy0VjDEALTfYdW82t4Zngpfh:YD7epWWv/uIC62VnUwKCS2hRLTf82MgH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hedgemodmanager_69de8.exe

Files

hedgemodmanager_69de8.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

mscoree

_CorExeMain

Sections

.text
Size: 22.8MB - Virtual size: 22.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ