Updater[.]exe | Triage

Resubmissions

06/10/2024, 13:57

241006-q9pf9axdpm 3

06/10/2024, 13:52

241006-q6pb3sxcmr 7

Sharing

Copy URL Twitter E-mail

General

Target

Updater.exe
Size

1.1MB
MD5

5cbaaab2491b5fcfc0652a7c895af064
SHA1

2d318b658287e62c425f4172bdca4e308a2ad5cd
SHA256

6a5036d708767b5ae7320f2f1523aac10c84e0fdc1777210505b2c23c5edf280
SHA512

37385cc81ad624b9a37fe6b50ccfa5cc213a3e8d28fc9a83fb3f4849f5a87435ff17d01b147fc9a60b9bceb69efba22b91c49ac0d154d1e4519e6ced61a4756f
SSDEEP

24576:WjL32OeHgnnDIBvzIH6cIKd0VGUBU2OGCp96W03vPWIe0yP6D47+FtyirHQD5PRm:y32tAnDIBvzIH6cIe0VGUBpODp9903vK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Updater.exe

Files

Updater.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Nathan\source\repos\Script2us\Updater\obj\Debug\Updater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ