Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.RATX-gen.1832.24679.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.RATX-gen.1832.24679.exe
Resource
win10v2004-20231127-en
General
-
Target
SecuriteInfo.com.Win32.RATX-gen.1832.24679.exe
-
Size
811KB
-
MD5
7fb1638e865e58b80b1726a7f7be73f9
-
SHA1
d1a0f23aa68c74558b2762d21cab404d7ca92217
-
SHA256
4ac078a48ff7d80ccbc37c526e395b51f900c8206afe29e27b2a84bd2cd84532
-
SHA512
c6e24465c67beb6b849ce386065812915160d2cd6afca7a5a9d210a056c3ca6d559d2e7fa494c41da7a0c484b080748210d623b38ebd8b98226c3c511d96b672
-
SSDEEP
12288:Wd6tmebg0pGSMujFv+HUL1300mv6wjIq40+vSIRmx8x4+/LVmIK8:WAtmebgIRvsKJ00mnjIE+v10IZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource SecuriteInfo.com.Win32.RATX-gen.1832.24679.exe
Files
-
SecuriteInfo.com.Win32.RATX-gen.1832.24679.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 808KB - Virtual size: 808KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ