Optimizer-16[.]7[.]exe | Triage

Sharing

General

Target

Optimizer-16.7.exe
Size

2.5MB
MD5

7f57207f221db2b08e27d64bc9121b28
SHA1

3bfc4b12a533ee1ce62e5d348027d4ac90ab49db
SHA256

03a234060541b686ac4265754aff43df9325c21383f90e17f831e67965d717f8
SHA512

7cc44ff1c3210db2478f4e37fef23669f0425b1b1672fc5f53956890daccb84b32fa25c8da9f7ce0cd1deb9e697e46cdae0762a0af818f98b93544b8e39f8a25
SSDEEP

24576:zv5MZtiOMKNOJMv9EC8oJ8VxHuDBjk38WuBcAbwoA/BkjSHXP36RMG:zxMZtiOMK9EC8oa6CSA/Bkj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Optimizer-16.7.exe

Files

Optimizer-16.7.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\EfthymiosSkouras\Documents\GitHub\optimizer\Optimizer\obj\Release\Optimizer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ