ff6e753a0e6c0eecbe0410d86361c1d5eee57f20a06a562ab62c2a05f4e15a35 | Triage

Sharing

General

Target

ff6e753a0e6c0eecbe0410d86361c1d5eee57f20a06a562ab62c2a05f4e15a35
Size

1.2MB
MD5

56e58642c931f6be0f703f04a72e24a3
SHA1

0aa16b946c1ee2e5a3315bab19f82ce7adb8fab4
SHA256

ff6e753a0e6c0eecbe0410d86361c1d5eee57f20a06a562ab62c2a05f4e15a35
SHA512

fa653a25351e712dbe17f035496c38d9fca86d93c53c2fbeeb7b1a5769a64ae1905d4d29b2ea9c5268a2183105315d3bdcad90209c8f3d9652f633dbd96d2d51
SSDEEP

12288:7AyQaueH5qYnMZucAGVECGL8uYW9dp6bG6JDMG0vqy4JZlZTzK76IGzHG0w:7Amqz0jGiNYc6bxWGS+jlZq7kzm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Quotation No. Qtn10077_pdf.exe

Files

ff6e753a0e6c0eecbe0410d86361c1d5eee57f20a06a562ab62c2a05f4e15a35
.iso
out.iso
.iso
Quotation No. Qtn10077_pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 629KB - Virtual size: 629KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ