Fecurity[.]exe | Triage

Sharing

General

Target

Fecurity.exe
Size

32.8MB
MD5

a067f1efe56b765be66a9e58adff827c
SHA1

60315081692114b04c3acb3d5e1bc61fa6a1bd58
SHA256

efe036fd49132595fa7de725775ebf1e8eae046052d8b2c368588b898c6a94d2
SHA512

c85eb8e04426f4fc1a37879de579b659552a7c86af33fafb099e092fc353fb4dac9ae9305111f270f011ab4b0443865378d5945c3b683ed85e1373a6d7b16567
SSDEEP

786432:XYfuS/7XuhD+dV7YzuFMKF2u+q60jiCAI:ofLjXuR+d8n0eC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Fecurity.exe

Files

Fecurity.exe
.exe windows:6 windows x64 arch:x64

b49baaf1338fde00bab3881dea207986

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle

Sections

.std
Size: - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.std
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.std
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.std
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.std
Size: - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.std
Size: - Virtual size: 200B

.std
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.std
Size: - Virtual size: 20.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.std
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.std
Size: 32.7MB - Virtual size: 32.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.std
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ