WinRa1n2[.]0[.]exe | Triage

Sharing

General

Target

WinRa1n2.0.exe
Size

110.7MB
MD5

2d9e1f02939380b01107d0e136500762
SHA1

a87392f5e470185b152def3338e02405c75f33ad
SHA256

1c3fe8ec6e7abcbc19637ff924776fd2686ea8a927cfe3add9a091481c936683
SHA512

ffaf3069d41e315ef38fba9c650a75bfd0fa543f7416118fb8ba007e44085e44dc8b96c7760c666f675f2bb115e9df57d0df904343774068ae12c90d834cb777
SSDEEP

3145728:6jo3zKJKIzwZnaoU+WbA1n1zS+OPM6Eg5+vHBUC:ejw7ZaoUPT+O0i5waC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WinRa1n2.0.exe

Files

WinRa1n2.0.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 54.9MB - Virtual size: 54.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Z:D
Size: 55.2MB - Virtual size: 55.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Xvt
Size: 525KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ