Widnow Defender[.]exe | Triage

Sharing

General

Target

Widnow Defender.exe
Size

207KB
MD5

90763e11a09407343e909f8687e07b2f
SHA1

a4b0c206643de5e3e2064029f3d443a850c584ce
SHA256

401c3e1a8e1166488e1e6e69e9eb0965e80be455465861d8502b2ce2f5e5e6bd
SHA512

b4a2dc5b27c8ba06f3d1069689d2ea7cbc12f8dc8118caa8f0772cea8ecab9c1945c23be7543f87955c28a1b2221b5aabfe3e9db14c6926c05276efa41591918
SSDEEP

6144:NC8VYacCrZr5lUUQWImNRxh+G9qYQyevtxrIk6ReRbK:NqdYrtRxh+G9DQyitxrIN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Widnow Defender.exe

Files

Widnow Defender.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ