Static task
static1
Behavioral task
behavioral1
Sample
QRS20183YI0.exe
Resource
win10-20220901-en
Behavioral task
behavioral2
Sample
QRS20183YI0.exe
Resource
win7-20221111-en
Behavioral task
behavioral3
Sample
QRS20183YI0.exe
Resource
win10v2004-20221111-en
General
-
Target
QRS20183YI0.exe
-
Size
726KB
-
MD5
1dd2e037efb74e5a4f170bec4c185aa5
-
SHA1
16e76bba287365d714c88fdc7bda4907107f278c
-
SHA256
856bdca324887d301d156b43888ae746619030e90d8147e22725d75835012b5d
-
SHA512
e8f9a4007bfce23594d4e00531ca298cd3ca3f56ab02bbead0a53d4675274d4a24e83c31a69dfc4a64024c69138f277a31f3bda3da580e8704b77224b31e6998
-
SSDEEP
12288:X41On+h1wl1XxTMje2nwZsHXEqZeVjJL8OczJJKlsZzuHXPaVwkEnA0k4tDgZ9tM:XeOn+obXijyZWX1eVjJ4Oc2lISHXP+EU
Malware Config
Signatures
Files
-
QRS20183YI0.exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 717KB - Virtual size: 716KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ