QUOTE# REF 21654[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QUOTE# REF 21654.rar
Size

825KB
MD5

ca861b812e60ef5c718a6064158fcde4
SHA1

d9594283ad572a25c9006d94258f85bcdbb6c924
SHA256

070fded2d2243db45e66db242d451f7edc0f1b240bf75cfbe97ad703f8f80e2d
SHA512

3421c8333510214d7ab7cec8e68795cd590c598add720e7bb78c2d2cac139aba40cef43d45f78fb7730cd01183d7b766a955694ccd3a5b0ddf40536dc381db33
SSDEEP

24576:VW6tN/gRITF5Ug5rClPrYsTDT8nOB/jsaWBFK0YqAY16OiAtw:VW6txgRIrr6pT8OBrHWDAYIew

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QUOTE# REF 21654.exe

Files

QUOTE# REF 21654.rar
.rar
QUOTE# REF 21654.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ