Installer[.]exe | Triage

Sharing

General

Target

Installer.exe
Size

554KB
MD5

0886f39e11cab337f981e62aa418f34a
SHA1

a2a33932bfc25ddd30c166accb51d1b978c10e00
SHA256

9ffaedc9f7c3b87c919f52b7ca8ba7729c1b9ea5728b49f2a527c9f587ee2f53
SHA512

d500856893e8a6f3285aec4431e0477690f86b041db1ef1edfb5531c7bcdb199e747b4eae590b4e95015e5113f76d6264bc22ead80336a5e28bfbb2b130e255a
SSDEEP

12288:4ffsBGLPMaHe27cwDhB7gbUCeZO/6h3CsYUyM8gXXV04PRKT02/0AcXhFrzO6Ny8:4nsBGLUaHe27cCh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Installer.exe

Files

Installer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

NZML\k
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ