RFQ Gate valve[.]rar | Triage

Sharing

General

Target

RFQ Gate valve.rar
Size

338KB
MD5

3a74303abf5e3918535dcb9bcbd85e28
SHA1

010485acb99ae4b20e2c17f25229de2a4d5b50bf
SHA256

42150f02e2a9ccfe376a050b9b2620c438a5b2e50b02e5687bcb8a34e619de94
SHA512

362b3247bf35adc0d088903625408a1870ced00343d28d84ead8f9478f0ba2bf6f135d263554fc2ae3fce9e682191af8cf95b1157ea61d0a9cdb9934c75fc0cb
SSDEEP

6144:saZSXDiH1M91g+vJIw7cWMR4kwb8zwSt+juLMvCpEIXTm/an:Z0KsmtW3SWqpEIX6Sn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ Gate valve,PDF.exe

Files

RFQ Gate valve.rar
.rar

Password: CI#$mbINa
RFQ Gate valve,PDF.exe
.exe windows x86

Password: CI#$mbINa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ