Builder WorldWind Pro[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Builder WorldWind Pro.exe
Size

416KB
MD5

5e503d24ca178db83e5d931990c1baa6
SHA1

4873707dde8e39da9898dd324a5912d2a30482c6
SHA256

e0e74379954acb4d9847c0cfb63e8a4028217d859c74ad97b40504627277d16b
SHA512

3bd9474ee1dfc2fe2acd1c22518f10b13b938ef19fafa2fd540ca650533508f3aa66fa17cba43a70aa9eeba6b6ab4bdb5724262e869187756f5a721b38214f68
SSDEEP

6144:ngZe/liHHaPp0sCHjiJ6zRLszGvPi+XD6ztQK9UXIV/xIl6pLTcDaWfCG1kDuf:gZCina7J6KGvq+z6eynpLlWfCGqi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Builder WorldWind Pro.exe

Files

Builder WorldWind Pro.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ