RFQ_SP_27_11_23_PDF[.]IMG | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RFQ_SP_27_11_23_PDF.IMG
Size

1.4MB
MD5

38bdc100465a3b1341171663b0600314
SHA1

892aed09288cd86f3b59053616b6c87aa021c449
SHA256

7f6ed893917f9ffff3d960f6dae6b73a44991e71be0ca327d06a5c2cfa8c243d
SHA512

363503c1944cc77b602001bffbbecb3fd23b8df11f670fb0e72962c16b22329080065e118dbe177e7118bad4d603393be58efb304ad72b141131f0151fad82e0
SSDEEP

24576:RPp86avgWepXPZgKPiwCFvjcLQAD8lLVoGYfpBhtD/:1ygWep/TdINFY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ_SP_2.EXE

Files

RFQ_SP_27_11_23_PDF.IMG
.iso
RFQ_SP_2.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 923KB - Virtual size: 922KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ