4e5686db9f41422e269758c02a819858540f4643591c93c95f8830dc1dcc959a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e5686db9f41422e269758c02a819858540f4643591c93c95f8830dc1dcc959a
Size

792KB
MD5

b616302d88cae2aee256f31aaea3b276
SHA1

0e6605f42fec8459037c49d14c9220ac266bb177
SHA256

4e5686db9f41422e269758c02a819858540f4643591c93c95f8830dc1dcc959a
SHA512

6f9b77edd12340575dd245d89510a3bbf8fae294f4000fb5ee900f7159f7d792033644e8c8b47795a6eaa4a10e6f7d3bc3de2c6a7a6b0d811981e57ebd4aeceb
SSDEEP

12288:j/KPc8j8qshDJh8g/MVhNwtEM4ZZj45pOx9F3n4o3nqbgxn2m:j/KPc8bshEl0EVA2XZnKQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RFQ97-64296.exe

Files

4e5686db9f41422e269758c02a819858540f4643591c93c95f8830dc1dcc959a
.iso
out.iso
.iso
RFQ97-64296.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RzjD.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 728KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ