keygen[.]exe | Triage

Sharing

General

Target

keygen.exe
Size

152KB
MD5

1b575485893497e1c2049e1f91bbeb0d
SHA1

e960d6404c29dfe5c0b42de37ab1200f84e79563
SHA256

ef9b628307b4cd9c379c824c2ed31001653d616c49bf8f270697ad88197b7a3c
SHA512

632c8eb54aa249eaeb7ca4402c756f28e4a7eb21664699e9bc8a373ea070e3eadeb3c1dda3c52856f58292f4c50b0da9f1f43965ce869b5bbad4de0c9a32b48a
SSDEEP

3072:9WXc4cV/neH0ZS5DyEj70DuVxV2xuk0KR1rIrktWtpglU9/bMPY2x+qRi/:os4cV/nZqDyEjGuVxYXtR+rrpgiuPYK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume2/F DRIVE FILES/Data E Drive/C Drive Backup/Desktop/Abbys_Fine_Reader8/ABBYY.FineReader.Professional.v8.0.0.706.Incl.Keymaker.PROPER.READ.NFO-ZWT/ABBYY.FineReader.Professional.v8.0.0.706.Incl.Keymaker.PROPER.READ.NFO-ZWT/keygen.exe

Files

keygen.exe
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume2/F DRIVE FILES/Data E Drive/C Drive Backup/Desktop/Abbys_Fine_Reader8/ABBYY.FineReader.Professional.v8.0.0.706.Incl.Keymaker.PROPER.READ.NFO-ZWT/ABBYY.FineReader.Professional.v8.0.0.706.Incl.Keymaker.PROPER.READ.NFO-ZWT/keygen.exe
.exe windows x86

Password: S@ndb0x!2023@@

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 264KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json