Static task
static1
Behavioral task
behavioral1
Sample
Qrguhetr.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
Qrguhetr.exe
Resource
win10v2004-20231130-en
General
Target
4AF227E5B7CFC0A16A04FE44BF127BBB645E0D90237175443EE89DE69C244118
Size
342KB
MD5
25eeb351be26a93f8e5b38d76b12e1e2
SHA1
11826e12ba730aa1274efc3520656748e867c68e
SHA256
4af227e5b7cfc0a16a04fe44bf127bbb645e0d90237175443ee89de69c244118
SHA512
7ebbd478f2c81db2598ffd036c67faa346646cd504fc0fd987215102edc56f7ffb65e768bc6d65aea631a91b36a27f6106b17abe7d86fdd2c9a2687cdfc13996
SSDEEP
6144:zNAbcrRg2uoRfk8p6/JWhFKmFwGKG2f2KKBP1T8RiGwr+cra6gYm:pjduoRs80/JWemCX9HR/Ebu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Qrguhetr.exe
Files
4AF227E5B7CFC0A16A04FE44BF127BBB645E0D90237175443EE89DE69C244118.zip
Qrguhetr.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ