MrRayzoAutoPatch[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MrRayzoAutoPatch.exe
Size

176KB
MD5

c66235b0b439fa684e3e2cf43023c575
SHA1

3c7e98ebc1f9ef7a7e81dbf6893b35853e190972
SHA256

f8d697eb7b585e5e403ecb7a64d833761d964144b8f6de95460cf1566b48a31b
SHA512

d8667a6ad4b03bf2ff8b6d9ceb98ac0e2370d58249a055430e2da4854ddb79eb383fe0227014bce76bb5935104a3522d798212098b89b860e1b28a392d6b8511
SSDEEP

3072:lSPSHeRWd5uRKSwzkMhXb8glXKam/fV6oH6ZnhE0/:eSHHZzZb16aEV6oH6U0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MrRayzoAutoPatch.exe

Files

MrRayzoAutoPatch.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ