aa6812dfb53a1a5f1631e92271cccf57eaf3a6cc40c70234f7308918dd6cf1cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa6812dfb53a1a5f1631e92271cccf57eaf3a6cc40c70234f7308918dd6cf1cf
Size

1.7MB
MD5

1a7f8f54d3a9a3a247bd2334dc215885
SHA1

34fe288c993de94e10f8ebf8145283b6e1475fa9
SHA256

aa6812dfb53a1a5f1631e92271cccf57eaf3a6cc40c70234f7308918dd6cf1cf
SHA512

6ebabf93e8bd968a1493477a8df4d093a9babe78bba0b9d21c8d5e0b2cdc003f0913b4015859dc267fa47e6b985b1fe3b514d7c25726d746869d4458f2d5284e
SSDEEP

49152:hVD7m7az4pVmOWOeJd43SnFgqeLVVI2SfJCOsx:37wa8p9t0gLVLSJCOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ2610204.exe

Files

aa6812dfb53a1a5f1631e92271cccf57eaf3a6cc40c70234f7308918dd6cf1cf
.rar
RFQ2610204.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ