Rams1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Rams1.exe
Size

10KB
MD5

0fddec6cafab48683c87b17a77c7e72c
SHA1

756d3a743e13c62e4f1e27a0efdee800097fcca2
SHA256

c81feebf41dff582338d40adfdf27961f8548a0e3d37570c758752e0461852f4
SHA512

3b4142d65fe9acdeddd8502173638b22f0665ceed0562011f42d8ebbc3930cd847b6f18b67dd96150983869af70dd58d46f4c93565457950b3746e9b1cb1b586
SSDEEP

192:X0SDjdhOngKRS+a/h5dw3KtmxJIrF31P1rfUYffDa:X0SDJMnto+a/lw6tmkb9rfBffD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Rams1.exe

Files

Rams1.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ