KashiRegCracked[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KashiRegCracked.exe
Size

25.9MB
MD5

6d9b9cde48c7e11627c27c05d0dc5030
SHA1

f957f5e506c764cda9c692a4c295dfa75f788878
SHA256

b71995facf8edb8632003144b1ca2bb7d5f952707e807627f6fea9f0600a2978
SHA512

b83a6880c88f6a99330120a3e88b48d5bd5deab2d20a251868c8132df62112a47b1ebceeabd99ca3ec719b0271ebd7046a6bb7126019e721872583b5bee1238f
SSDEEP

786432:TY/MQMBPSM+QMBPSMJMMvnp5HZ5eMpGv8:TY/PMPSeMPSmMo55em7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KashiRegCracked.exe

Files

KashiRegCracked.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

IZtOta<
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 25.9MB - Virtual size: 25.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

,qi"?k
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ