RE[.]RICE PRODUCTS[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RE.RICE PRODUCTS.exe
Size

645KB
MD5

5eb6b0215c442e6ea11391e3bcd9d13d
SHA1

2a426308ad4a95fc519f453f82dac8fde5588754
SHA256

16be12f7d98675fee56f1a7b36544ae013bf8aeb28a4a77d426ac77ecf8de2b0
SHA512

3f5e09a34850ded5d659576cb6a3fe2073f0fc4f461cc25b869baf0c824cf8475d45d877bbff60b1c8486e3981030c0f56b23bcdc6ee6d2ba47aa27cbe35dff3
SSDEEP

12288:/MV1vjJGGna1Riq2xFUsNJsBf9FrxyeW6Dr5nImQ107WaXfoLl0MN3xVCu7UyKtY:/MV1LJ1na1QxUsNaFu6tImQmZXfoLldx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RE.RICE PRODUCTS.exe

Files

RE.RICE PRODUCTS.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 631KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ