FreeAntivirus[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FreeAntivirus.exe
Size

30KB
MD5

819467210e3656e898500092242fbed3
SHA1

eb09bb42111ff441d555c01ffa91f24843832b16
SHA256

bad75666fe72be3bfada3d5735bc8fb1d74ab2304b067a1baa3799243973a127
SHA512

e23839c3277e06729656996fc9ebf6b67fdedeb6a5c02b45fefce3e902d19afe3662ee4428b86ab15696e8648e8937a38c6036828a673d48335d610cd51a8449
SSDEEP

384:Cy5RcAlVwYeCStErejitTQJ2u0HGVDGmy1C7S7hTWtX9ZSaCfvYo5rZ5+XWFdQmS:CGhjLsEUiz/zbNWtgYgr/J8e333s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FreeAntivirus.exe

Files

FreeAntivirus.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

WSG0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WSG1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE