rcedit[1][.]exe

Sharing

Copy URL Twitter E-mail

General

Target

rcedit[1].exe
Size

923KB
MD5

24f40df650b81e249d9095f6207087fe
SHA1

5514e2e6b1e15fd24009562d431cbe6af0f4af4a
SHA256

1733e4b7e532c99b6a4ddeca1b9fff7bb1c5fd0ba7dbeb5f3520b6da03a5284f
SHA512

986c68b2a6a62b20cf67378f63f862022357c175d782ec96029f897f6764a04b0ce1295832cc16f1d5203817565e2ae709a5cd670e11eec574537bf02b76f7c9
SSDEEP

12288:Igc8mX6jxiXxUJPeen1wMbljUeGIeQpiwAa21tdFsQL8fR2XYlzeXhO5R:Igc8mXmgXyJPee1wMRqaKNgfR2XY6O5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rcedit[1].exe

Files

rcedit[1].exe
.exe windows:5 windows x86 arch:x86

f6373a3ff07839e0cf1095730fa9ee53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\projects\rcedit\Default\rcedit.pdb

Imports

kernel32

DecodePointer
FreeResource
LockResource
FreeLibrary
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadResource
SizeofResource
ReadFile
SetFilePointer
CloseHandle
LoadLibraryExW
FindResourceW
FindResourceExW
EnumResourceNamesW
EnumResourceLanguagesW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
SetLastError
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
OutputDebugStringW
ReadConsoleW
GetCurrentDirectoryW
SetCurrentDirectoryW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetFullPathNameW
GetFullPathNameA
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ExitProcess
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
GetDriveTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringA
CreateThread
SetConsoleCtrlHandler
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetEndOfFile

user32

UnregisterClassW

Sections

.text
Size: 742KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6373a3ff07839e0cf1095730fa9ee53

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 742KB - Virtual size: 741KB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 9KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 742KB - Virtual size: 741KB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 9KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 26KB - Virtual size: 26KB