RFQ[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RFQ.zip
Size

600KB
MD5

bac229d28544292d41b53ddc974a7444
SHA1

b19ea96ef7a6f605cde4caabde55494a7d1cf992
SHA256

02b7bfbcfc56051e5d13c9ae72f4c4728f52da4c6584eda568949da03a937ccb
SHA512

5bac637b8ac160ebb1851b0810d54da1458a2aa002e25069a1db5d4793e45c79997d906fca687f7709692551c5b6c2339f7d06ecccea750fd4364d2afd80a001
SSDEEP

12288:xFXl2mA/CJD1BLAai8o37OqSwj9ORzP9gtM/APdILNVjlcnx47eJgNvz+QEwx:xFC/CN16R88Swj9ONPeM/GeVj6n2o6v3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ.exe

Files

RFQ.zip
.zip
RFQ.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 725KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ