KreYzeFreeTempSpoofer[.]exe | Triage

Sharing

General

Target

KreYzeFreeTempSpoofer.exe
Size

34KB
MD5

e6d734b1387503f367d0fbe640f73e79
SHA1

6630373294bd1568bfd06543e7dc8fed91ce7839
SHA256

1d69b82c8dc9a86435c8907a363f0b4f4c4ec43f64e7039b4abe64e741013e1f
SHA512

fbb15d9c15437d2afa72948867160b05afa6ec419ca03c12c21782ec3ab8391da9547e499317fb116e4d2d2f73750a0391a6ddd23f4a643956481228e5100d9e
SSDEEP

768:PPGdV1oWXHdzUvji9AjCViPUoqZbxKjIjoiWXNr73A08pJe1BSjtYcFwVc6K:P+dfoWXHdzUvji99UMo6bxKjI0icNr7w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KreYzeFreeTempSpoofer.exe

Files

KreYzeFreeTempSpoofer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ