fakecheck | 39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a

General

Target

39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a
Size

8KB
MD5

781f3c2cc1cbc7ef8eef255430698ecc
SHA1

be77f9801f0d33a4c77a40e23a26adfa96046c5c
SHA256

39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a
SHA512

6d2b8ff58bad8465caee5c0144c43365697d87711b32a2ee8753ccdb9094b74495718b6c71fec9d755aecf4a03b86b68a54659887acf5222da1bc293e1cc6a8e
SSDEEP

192:cDoLRCMEwtFgmwuY4msVUoWzW19vzX7RO4DiPuw8mC:zndPgmwuLh6oWgxjVbG2wA

Score

10^/10

fakecheck

Family

fakecheck

C2

https://tosals.ink/uEH5J.html

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/012063e0b7b4f7f3ce50574797112f95492772a9b75fc3d0934a91cc60faa240

39091afbf965590a9d743d421b44eabc217cd91c31d3a34986052a8f28cd8a1a
.zip

Password: infected
012063e0b7b4f7f3ce50574797112f95492772a9b75fc3d0934a91cc60faa240
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProjects\SelfTraining\Csharp\ReconApp-Final\ReconApp\obj\x64\Release\alg.pdb

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ