Fankar regedit _fucked[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Fankar regedit _fucked.exe
Size

26.6MB
MD5

fda0e8b1383f9ff6f452e543c05fc094
SHA1

23ee6e5ae64e6be7fc089a6e200976c3cd9d2efc
SHA256

482661079188e48dd95042c2d5ae7a84d93f87ed9fc07e7d673b14796c0af53f
SHA512

30cba3ad1c5d156145b672e785d04ed3f0c07ec52f6cfdc215887b42341ec6d2f4a44d8ee7137052c6c1859dafca902a539310e9d1bca92616033c60e9c089f0
SSDEEP

393216:3JM5M4Um9U3M5M4Um9Uj0BavUNoVlAw2zDpT9rc+NZWd/xSDibJkvibZw:3aOWHOWVBavUNoVSw2zDrQ+qdRjb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Fankar regedit _fucked.exe

Files

Fankar regedit _fucked.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 26.4MB - Virtual size: 26.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ