rgjls5yh2o9ekivt[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rgjls5yh2o9ekivt.exe
Size

817KB
MD5

65321fd80d4e8c8d109530d1cb8c94a2
SHA1

7db9d8e167c70cf0ff3e98cd5afdc22ab983d089
SHA256

f7e493eaa71d08d52333e70d048d2d9ce37037d9028aad7ab429ee2ef84a32dc
SHA512

c9944b1752ff09f00932fc60ca5623517552387045c50738a498cf6e4a452fe9bd1c45ba1bd7a55ca61841e23d13bdefa42be356bc53727c3b00a59cc2906f5a
SSDEEP

12288:QHazniK0VhSiv4+uUIuGnoXJLbKSiABC8yIVjAFZwJxEh:4yOuhuqoXISiOVjAexEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rgjls5yh2o9ekivt.exe

Files

rgjls5yh2o9ekivt.exe
.exe windows:4 windows x86 arch:x86

Password: павапв

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ