rufusio[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rufusio.exe
Size

455KB
MD5

528d3cc34833161440c1ec580e4a6ca7
SHA1

53f52906cc3df4951eadd397d0785c03ba987833
SHA256

a2323d541c1a16cea44ead68090b2da56113621fef3ff54836f29aa94c0b3fa8
SHA512

e8f9d05c0858fd887b61199203c888294c20490a2ef74a7466910972fdb1923698b2b1227f8201c2e238838a9740ff3e563629ab0fbd9b4499d4ca8d68229c84
SSDEEP

12288:IiOpS5iYNxOmgVhTV9fXcznNChCciw4+m65gI+iWcmViAHo0J33T:IibimBYmznGQ/i9wT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rufusio.exe

Files

rufusio.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ