b-rca3224[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b-rca3224.exe
Size

111KB
MD5

935c70495e8cd075dedecf8d9cdc87c5
SHA1

6fb6276bb70184c9a9e49cf903a32c8cf69f0c82
SHA256

5efe7c438d17d879fe3cb8a9c90739b8ce7276b3a7567dba4a8ed3d0b76ec9ba
SHA512

27c6739d0f9f465fdba6e969752d95caff410d22df215f45c28a23471403a740a53d4b8c268b31b4d6fbf2aece8289534b5e8ced2fa7e8c75166fd76d629f60d
SSDEEP

3072:QZYt0P2GpBG8knqddfJqSb4Mne4ODwo5gx:QMG2GWn2vqSbpnw9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b-rca3224.exe

Files

b-rca3224.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Sources\RedCad\WindowsApplication1\obj\Release\Cryptography.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ