r3[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

r3.exe
Size

407KB
MD5

8c747805e15719fc160be351945152b7
SHA1

3401f9d83e99800d0a7b57ec1fcd41df9e6f06eb
SHA256

f75b03dc4bfa307fde438f8acda89e62f72f4c212cd394ce8ed569836a6b32eb
SHA512

8aadb8b6477cb525951bd40d4f8dbd597d83897419a42a024e8d219ca85e38be0b4e7248739ffdc4b1f63a036bf488774e043fd3f532a9bb35387e1394eea57e
SSDEEP

6144:C3lJtUi1/Zlu3cVPkAGCKRfnYV2OwPV7PWcpZjLKYWg7TcoVMdJGCf2bvuoHBSyz:lq/Z0MV0fYXcpd7T1CG72

Score

1^/10

Malware Config

Signatures

Files

r3.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ