WinRa1n2[.]1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WinRa1n2.1.exe
Size

120.6MB
MD5

5ac4400d8d5154980bfabe7f63dc6f4d
SHA1

e2f678bb2250cc129e86dae533c591cd56f35104
SHA256

195eb3d5707ec45d372edfd00017086a977a04dbc6aad0d056078d543a2a5255
SHA512

ed59fbda04c2191c0470439d3bd4f45cda718e3dd685b7e6f3a1f25147c78ca1a49aa074832474d6a6932f0b2ac4e201cd03c58d65c7bffb90b19328bd15cef0
SSDEEP

3145728:1ZqU7zKJK4zwZna1fRKp88yqMyhRXR72Qy2ti:DIwrZa1fqvMuNC6i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WinRa1n2.1.exe

Files

WinRa1n2.1.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 59.9MB - Virtual size: 59.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LNz
Size: 60.2MB - Virtual size: 60.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.#<m
Size: 532KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ