Static task
static1
Behavioral task
behavioral1
Sample
keygen.exe
Resource
win11-20231215-en
General
-
Target
41cfe9d9f0bc92fb4c29fb01e9c34724710ae1004969bde79da5065f0b9734ed.zip
-
Size
164KB
-
MD5
cfc6f51abc94437e08cbd2d84e5912dc
-
SHA1
8e295d02620776358672952bf82dd0a3e4851c19
-
SHA256
1ffaa58fc7cfa85089611b55750a150e89ba65a1d5838ca53dac97e3789e1c03
-
SHA512
b824d27ee76a4ca286ee59cbfb5b43d7e13591c7c38d3ace6cb932d619100dc6921f1177ad40d629b4d5f3f5c0bb2daf9840eced38be67c37a0e86dee4e50bec
-
SSDEEP
3072:q27WhLxiZsKbxOl8SD8sXJQbljeCzbVCaxlDEpJ+uUofatkeepMVtT:JfbxOJDxQNPlspJ+poCkJmx
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/keygen.exe
Files
-
41cfe9d9f0bc92fb4c29fb01e9c34724710ae1004969bde79da5065f0b9734ed.zip.zip
Password: infected
-
keygen.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
AiR Size: - Virtual size: 900KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AiR Size: 164KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AiR Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE