Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.RATXgen.16516.30497_JC.exe
Resource
win7-20230831-en
General
-
Target
SecuriteInfo.com.Win32.RATXgen.16516.30497_JC.exe
-
Size
7.6MB
-
MD5
9f42c993b0f9560fce2ac89d5b823b3b
-
SHA1
7c3ae9d0a92335ec5076490af4544a071d69c6d4
-
SHA256
3e6692760e61b3e71675a24f7b5b50cde09cabf750ede2a9a365c8e482c61943
-
SHA512
867eaa8455f4314e355241374b0eb80bcc7d6f932330e82c0a18a8e79caba014f35621c2bc0e345d294eb95bcecfcfed7652b058c88ae52ebfa82436cc59d379
-
SSDEEP
196608:Qv9coCuwOc11PU2hGdwV52HSabjklOaxb/1sjK:ObC/O2QejwSZ9/1EK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Win32.RATXgen.16516.30497_JC.exe
Files
-
SecuriteInfo.com.Win32.RATXgen.16516.30497_JC.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 7.5MB - Virtual size: 7.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ