ECQ_00884729[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ECQ_00884729.zip
Size

621KB
MD5

c82e021f9cb9529e062be0701efc038f
SHA1

0ef31e1c63e14c1ad5976afd14ba921809dd2c22
SHA256

e83faa39c83849d6f1a5ee86a46c7f492e2e7a257827ff5ce8d1919c58cefed5
SHA512

7f5e66c8c0741a0a8cbb28b5b3b3eb06995697be17a1dcdb9a0bfd4778c73f4f6965e9561f96c0a30094859b32ec1f0e882337a9750255abe04d84128603e18a
SSDEEP

12288:b9Ga6RSW7mpg1UzVJnJEBf0kEMFVar1gvoMCgncCDcOSJ7p7oi9B:bj6x7mqUzznifV52r1gvoweBfseB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ECQ_00884729.exe

Files

ECQ_00884729.zip
.zip
ECQ_00884729.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 772KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ