ZenithInstaller[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ZenithInstaller.exe
Size

878KB
MD5

54256dced0baceabe75710a20ecf18ca
SHA1

3bdf6fb5b5fe5f984e648751f56c7ebe10591375
SHA256

40f8dac5ea94694ad0a7cc6e271849fbe2ec49892791754a05e5ba1062429f7b
SHA512

7ee7c8325a447fa2e4d012320db904277289c0fc2602bd269e3e3baf81d291d9dce9952f0bdf284e2e5e533992e310116dd07d2b3023b97babec823794828cf7
SSDEEP

6144:oAyagFFCLjJgUpL8SNFDu/O63hGSb/DB5pr0+UTsWkef1XwxQ1Awq/:9yRFCL5p5bu9TlLfUTdwq18/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ZenithInstaller.exe

Files

ZenithInstaller.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Programming\Personal\2019\Zenith-MIDI\ZenithInstaller\obj\Release\ZenithInstaller.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 580KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ