Quotation require[.]daa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Quotation require.daa
Size

571KB
MD5

e2b2dbaec5ee017393fca00f5ed71fcf
SHA1

77464e90fe518834dc76695a1cdc88a161de7a16
SHA256

42225fc283c7160f4f9cc6b4aeb4414fa3e029ff491d24ddbcffda0601a4efd0
SHA512

c9c795609ee19a0758240f29e7c0b717e8d5a0028639d6b03233b06280b31586b4babe0982850d2a38a269693a3952b2560280775b88904fff628b5cfeffc00c
SSDEEP

12288:lBzaE8bPPY9adE1keBjSE1JKNzcPOD52+yE6jQ2GOLw:HzaPbPPfdEzJKNIPO12+GfjLw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Quotation require.exe

Files

Quotation require.daa
.daa
out.iso
.iso
Quotation require.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ