Static task: static1
Behavioral task: behavioral1
Sample: gpiQaD7JJyHJILw.exe
Resource: win7-20230220-en
General
Target: New Quotatrion.rar
Size: 520KB
MD5: 5361c749c00af33849c9807d67e91083
SHA1: 12be37b073a142d96e895fdbd5781e6b29a569e3
SHA256: e96272b73c791ba1159f7752818277eef009b0eb5945bf8405536b4ee399042b
SHA512: 77691ca2d8ce05212567e495213a2529006e887105584ed2fc5b842b590f9c47be1f810667c580852f3ea4b44ba5cc5bcfa344d1060a85d59804aa6b282b78cf
SSDEEP: 12288:gjpLDWkQlDClcxO52x7CNAASbOvD2mHp03Usdq4NBQok2P4:K/sZgfMqHN72o03TgtoJQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/gpiQaD7JJyHJILw.exe
Files
New Quotatrion.rar.rar
gpiQaD7JJyHJILw.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 627KB - Virtual size: 626KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ