FOCA[.]exe | Triage

Resubmissions

16/02/2023, 00:32

230216-avpwgaeh74 3

16/02/2023, 00:29

230216-atezwaee7w 3

Sharing

Copy URL Twitter E-mail

General

Target

FOCA.exe
Size

2.5MB
MD5

bdeaf3e240b199e642d16cd6c6535f90
SHA1

e50109877a9d510e644bf3b4491381f03189433a
SHA256

1a1654f5f3b39a563bdcc5f17149c9514d075abc25c18e637da7c0da92aa1523
SHA512

d06dbc0053030ce37a7328afb70cb93d7e28229ab46abb212ac07ae03e1bed06b0d77b6f13c35672cce3fa4663ec677d38331ccfc39e7d91012815190f4ca4e7
SSDEEP

49152:Ohkf0kexvceK8mgiHmgi7mgi7mgiimgiImgiPmgi:qvceK

Score

1^/10

Malware Config

Signatures

Files

FOCA.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ