RegFuck[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RegFuck.exe
Size

12.1MB
MD5

318530bdfc2397811e5cc0ed07425c11
SHA1

33848da31350ff30633ced2584f831f3002797a3
SHA256

a6995d8b2281ce465cb58cfae08052de5f11e1cb020325cffbb39c6c607630c8
SHA512

4a32f1f8f6978d32080e2a16d9e743cf1215cafa311379ee52291d66eb0005a5f6e2f5e4b72f86865f025d9de7cc006d37fcb644aaeed10dc7d0fbd89b7aec52
SSDEEP

196608:guW39IjYpOPCqMvvfng2OM20giL+PtHfDCBLyC3Ozm1KuQ:GNIjyCCqMvg/0giqAkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RegFuck.exe

Files

RegFuck.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ