Static task: static1
Behavioral task: behavioral1
Sample: FixSerials.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: FixSerials.exe
Resource: win10v2004-20231215-en
General
Target: FixSerials.exe
Size: 258KB
MD5: 07eb7d9cf7acf1947b5cc28a919ad698
SHA1: 3a541f4d981c88b99752d48f51ee2ec9c9bea3ac
SHA256: b4ad84b637128f6ccb2973c96f3f988361155982775d4a1dcf8f6ac6f0941e0c
SHA512: ed7fc9705c64a61f54ffd341589e2d9b4d5c3d4bb72997dea7a3ce964c903b4a2924b42cad164edd6684cb8b494cc622ec4abddce0b3c2b19b04374589c55b33
SSDEEP: 6144:l5o2yX4dJ16hcwp5cJIcrTwT4CkkaSC0TcW1FNCH:fo3X4dSH2qgwTRkFGcWJCH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: FixSerials.exe
Files
FixSerials.exe.exe windows:6 windows x64 arch:x64
9f16a94c475fe9051ead2215b95aaf56
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
shell32
ShellAboutW
kernel32
GetModuleHandleA
user32
OffsetRect
advapi32
RegQueryValueA
Sections
.text Size: - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE