Keygen[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Keygen.exe
Size

376KB
MD5

5c843057150cf787432bcad63c12f78a
SHA1

4508a8acc448986ce53d006b3050a89f26640805
SHA256

48b8c9c9150df90d65b98e2ae4c9b8d483d4b4db15bc95df7d9fb23b01bb263c
SHA512

32b8c833340f37a8c1759e5babfd63aa2b217300c6a91de689550d51c4d2866d4387d23fd7c755d4df1ca8251d7e2b9210ffb0ba51c53c8c36e4d77a5e0b005f
SSDEEP

6144:jp24BEXqhV5rYhK9aJ4X4hKMqWOAuz6GhTPPhqJmjlGcl3V:jA4WXqxMK9aPiAwXlhqJg/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Keygen.exe

Files

Keygen.exe
.exe windows:4 windows x86 arch:x86

009fe6767545ae516440d8eb5e027c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

pow

ole32

RevokeDragDrop

gdiplus

GdipFree

user32

GetDC

gdi32

BitBlt

comctl32

ImageList_Add

Sections

.MPRESS1
Size: 232KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE