RFQ-HL51L05[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RFQ-HL51L05.zip
Size

596KB
MD5

43183b492d51cb55de89833816bfaf87
SHA1

d05dfd16e71864e5516844313e3029570e8cd41c
SHA256

f708c0284745b3a42f3c606672a277c1ef520b950d237521b746a43190fd2831
SHA512

c8aef9472a74732fbd3211a1eb92fbbf63325984214247be93f430cf468afa7a934d0864b3654bd28379457a1e85ae31a262d968e0c059de68b1b90b2f752bc8
SSDEEP

12288:zexJ0XAGF0P++C2cyYQ96ntXeSWvpIBlY312haPQBzYn9dqk69UCwa:cJiRFVTyLUtXeSQMs2hpUnHqk69UCwa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ-HL51L05.exe

Files

RFQ-HL51L05.zip
.zip
RFQ-HL51L05.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 684KB - Virtual size: 683KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ