rpago0540[.]exe | Triage

Sharing

General

Target

rpago0540.exe
Size

797KB
MD5

ca34d85de17855d5071874ee082ac23f
SHA1

ab7816cbe9c6ca2ca36038263b05df149768b41c
SHA256

589913760a4915f199fbdaf977805bf863f8498be13682cc7e1609f926bf740c
SHA512

a78ad04091141647659e4b01f022234bd38f8a98926976569d65373032a1a6510beed44e81d8857d0eb731fd98c8df0df6b8ed4b844fad363243fb16527169a5
SSDEEP

12288:T5tg08DHa86/2GGY3d9KeJkppX/IxtRokRlHrR/aV/evW+9XQ5sr:gD6b/2GVd9cpAxokR1N/aV/eLBKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rpago0540.exe

Files

rpago0540.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 791KB - Virtual size: 790KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ