11f4d8694cc01d2fe4a7432750def1c4[.]rar | Triage

Sharing

General

Target

11f4d8694cc01d2fe4a7432750def1c4.rar
Size

488KB
MD5

11f4d8694cc01d2fe4a7432750def1c4
SHA1

14a65c3d2e937089a196f5ed7eb423f6b81ea83c
SHA256

62a791ee75cc34470dc1817c52059b38754ea78b6d5c15bf4a9384e386d65228
SHA512

8b41669fde7358156f80f978b54d2fbc85e20914c32eb8a5eef0b54ffa5c409242f5b18c42e0c28f5fc444f94bddef95602b217d6df5057554eb112cbec3cd15
SSDEEP

12288:CLM58yL6slrKqVCOgrFiZKoxSE9T5XdW+xr8f6t2yk4RW/h:CYayfoioiT5XdW+xr8jnMW/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ WAFA-32592-MKJ.exe

Files

11f4d8694cc01d2fe4a7432750def1c4.rar
.rar
RFQ WAFA-32592-MKJ.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ