QUOTATION-98475[.]IMG | Triage

Sharing

General

Target

QUOTATION-98475.IMG
Size

1.2MB
MD5

339419993f57aa7d7839fe98edd6de8c
SHA1

5b3b01e952f50eff1bd260a6a0ffa34d03caa2d3
SHA256

1a1bbf029946053e95e83245662cf19a732592ab416d5b51fdb024158b8ab0a0
SHA512

1fb72d8abd3df769d136ef6b89c7aba7c4600a73eeac9bfff56d08362c67d585451af1404982a9277573f801533bb8f6aabb2f89508a8c64b087afc4579c7866
SSDEEP

6144:J5EuZhFKEW5iVlV1Q8jWA2pdpcX4hGRQhE9EsU5TqhMcOUdFfEsuABNueCgq:JpZhFSinvQ8jWA2psoh4+bssTTSuAJq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QUOTATIO.EXE

Files

QUOTATION-98475.IMG
.iso
QUOTATIO.EXE
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ