Static task
static1
Behavioral task
behavioral1
Sample
rRICO0928-2023.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
rRICO0928-2023.exe
Resource
win10v2004-20231020-en
General
-
Target
rRICO0928-2023.exe
-
Size
607KB
-
MD5
6ce870a87a39787ab4fa77da3fec640f
-
SHA1
56884811262008dd1d364d2b9cde2383ae9946b9
-
SHA256
ebaa05165e9a04e110a016a74016effe016f9e19c83fc73f25ed6b3c49db40d8
-
SHA512
42fab0285165752caf2be3c82b49aedea8876ccf089d225ab8811d52e3931f3d8cf8ba42ae4b616b2780a0975aa92b05439b34236520c7fb7eee8e4d49445217
-
SSDEEP
12288:h8oU24xPyMrknWwli74hhYglFSXQDZ3B5tQrS5ninWzIGWJ:afxnkWw41gHSXMZntQrKedG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource rRICO0928-2023.exe
Files
-
rRICO0928-2023.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 604KB - Virtual size: 603KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ