WinRa1n1[.]0[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WinRa1n1.0.zip
Size

558.8MB
MD5

b8560a9b8596de028912401635609f72
SHA1

f82e5b1c02605172534443790f7f6f6e723befab
SHA256

b3e447157186d739eec684b3ccb462299ecd9a3148ffb789a61b3e8cc10cedbe
SHA512

97d9d1c4f5e914bccc6f9a8d40836a6eb506d0ed509c6b9eac29d186e478e5a3e134411882edfd2cb32ff9ac1a3da6b9c030f47617a26e8b4b3d8084222d5088
SSDEEP

12582912:7wlaNIi5opwVah8zNCXwPaQYNYa1vkMwNaoPTEkHO:dWXOzgBXH1HoPxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WinRa1n1.0/WinRa1n1.0.exe
unpack001/WinRa1n1.0/WinRa1n1.1.exe
unpack001/WinRa1n1.0/WinRa1n2.0.exe
unpack001/WinRa1n1.0/WinRa1n2.1.exe
unpack001/WinRa1n1.0/iKeyPrime2.5.exe

Files

WinRa1n1.0.zip
.zip
WinRa1n1.0/AppleMobileDeviceSupport64.msi
.msi
WinRa1n1.0/UsbDk_1.0.22_x64.msi
.msi
WinRa1n1.0/WinRa1n1.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 43.3MB - Virtual size: 43.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.(Vv
Size: 43.7MB - Virtual size: 43.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.N\(
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRa1n1.0/WinRa1n1.1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 58.3MB - Virtual size: 58.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.x9r
Size: 58.7MB - Virtual size: 58.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Wy=
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRa1n1.0/WinRa1n2.0.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 54.9MB - Virtual size: 54.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Z:D
Size: 55.2MB - Virtual size: 55.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Xvt
Size: 525KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRa1n1.0/WinRa1n2.1.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 59.9MB - Virtual size: 59.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LNz
Size: 60.2MB - Virtual size: 60.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.#<m
Size: 532KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WinRa1n1.0/iKeyPrime2.5.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 31.8MB - Virtual size: 31.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d;g
Size: 31.4MB - Virtual size: 31.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.U`R
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinRa1n1.0/palera1n-linux-x86_64
.elf linux x64
WinRa1n1.0/palera1n-macos-universal
.macho macos arch:arm64 arch:x64

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 43.3MB - Virtual size: 43.3MB

.(Vv Size: 43.7MB - Virtual size: 43.7MB

.N\( Size: 404KB - Virtual size: 403KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 58.3MB - Virtual size: 58.3MB

.x9r Size: 58.7MB - Virtual size: 58.7MB

.Wy= Size: 424KB - Virtual size: 424KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 54.9MB - Virtual size: 54.9MB

.Z:D Size: 55.2MB - Virtual size: 55.2MB

.Xvt Size: 525KB - Virtual size: 525KB

.rsrc Size: 21KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 59.9MB - Virtual size: 59.9MB

.LNz Size: 60.2MB - Virtual size: 60.2MB

.#<m Size: 532KB - Virtual size: 532KB

.rsrc Size: 21KB - Virtual size: 20KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 31.8MB - Virtual size: 31.8MB

.d;g Size: 31.4MB - Virtual size: 31.4MB

.U`R Size: 879KB - Virtual size: 878KB

.rsrc Size: 268KB - Virtual size: 268KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 43.3MB - Virtual size: 43.3MB

.(Vv
Size: 43.7MB - Virtual size: 43.7MB

.N\(
Size: 404KB - Virtual size: 403KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 58.3MB - Virtual size: 58.3MB

.x9r
Size: 58.7MB - Virtual size: 58.7MB

.Wy=
Size: 424KB - Virtual size: 424KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 54.9MB - Virtual size: 54.9MB

.Z:D
Size: 55.2MB - Virtual size: 55.2MB

.Xvt
Size: 525KB - Virtual size: 525KB

.rsrc
Size: 21KB - Virtual size: 20KB

.text
Size: 59.9MB - Virtual size: 59.9MB

.LNz
Size: 60.2MB - Virtual size: 60.2MB

.#<m
Size: 532KB - Virtual size: 532KB

.rsrc
Size: 21KB - Virtual size: 20KB

.text
Size: 31.8MB - Virtual size: 31.8MB

.d;g
Size: 31.4MB - Virtual size: 31.4MB

.U`R
Size: 879KB - Virtual size: 878KB

.rsrc
Size: 268KB - Virtual size: 268KB

.reloc
Size: 512B - Virtual size: 12B