rRFQ(17092018A)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rRFQ(17092018A).exe
Size

741KB
MD5

5f7fe9c19aae16719cdd112e20e39134
SHA1

3f4ee4c409463e6d0c6adb498c11a0d65afdaad4
SHA256

2a7a8b9c2e197e3fe09f6749a733d7c2a46000ab70b6d7fc8feea9bf22e69457
SHA512

12a964962ab33425f9f9b3d7d70e409a8e51ae5bbaa67b9d5596d79f540a1952b0dd97f6eed87624b40bc9b6117870a16d9b40df9559a8de7904eb9a0d46d2fe
SSDEEP

12288:/HsxTA6qt/Ikli5mfQAQGjZzvRgLBpWamlngym1aDbYQpZErruti2+0Oed5UKi:Exs64wVsfQlGjZz+LuNlnNm1akQpariq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rRFQ(17092018A).exe

Files

rRFQ(17092018A).exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ