02b7bfbcfc56051e5d13c9ae72f4c4728f52da4c6584eda568949da03a937ccb[.]zip

General

Target

02b7bfbcfc56051e5d13c9ae72f4c4728f52da4c6584eda568949da03a937ccb.zip
Size

600KB
MD5

084e512c30241b62d1fdd43131f28de8
SHA1

7e6f7a6e3e6aebe7c56d8edb720e8c6ad3452a6c
SHA256

a83de9ca8d8594298730ff661f8c0162ef11299956511a9937fda8aaf8c44dbe
SHA512

62d0e1d773d0b9c53914fb8d1c03b4b74df97a2f2af41579e4d199f29021f1548afb9ce1c77dbcb9362912d40251f079a03019841834471d8b0f3586ded34e6c
SSDEEP

12288:nVqKycUEtQ/ckuGlxC0MvVRoR/X3GKdzHAfVRzVgmEhF/QWKj:nVDylE6uGnC0MvV2FX3/AfHzIhQR

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RFQ.exe

02b7bfbcfc56051e5d13c9ae72f4c4728f52da4c6584eda568949da03a937ccb.zip
.zip

Password: infected
02b7bfbcfc56051e5d13c9ae72f4c4728f52da4c6584eda568949da03a937ccb.zip
.zip

Password: infected
RFQ.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 725KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ