FNGRepSchService[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FNGRepSchService.exe
Size

403KB
MD5

cf2495b46cbf9549c7d67a42afff76e0
SHA1

ef0a0a61757f906e2248277f4ccfe8a7dcc812a2
SHA256

da5c9df7b33d5cf0256a42f4ed19cbb3bb30f9ad7d06a2837cd5e4ec8f6e63af
SHA512

ea60220cb6424749db0caa7433bcaca9621d151cf69e5e2cfdf6a1d770e4a71f7b92866003fc58301a9da37439d52d8d841c7400da8fff4a4e5f6d4333b0cdd8
SSDEEP

3072:jJNJYJiOtgjnuxyQsWIMOE0Itv3cAMrlv8+7VhsbhC35CGndcDqDOGxx8ughv/tB:HOtgjnuxFyf03WRv8+xAOF6ghV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FNGRepSchService.exe

Files

FNGRepSchService.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ