a0867d9089bda8af44c72a9165ed99bd | Triage

Sharing

General

Target

a0867d9089bda8af44c72a9165ed99bd
Size

579KB
MD5

a0867d9089bda8af44c72a9165ed99bd
SHA1

0f39a6ea3fafef298685abe8e229f1d2bbefdea2
SHA256

1039602fc744770fbf900b6cb8f66ca8d751faf9e072130e5b4035caf046511a
SHA512

bfb2e36fc1bbd987d3e078454fae5ffb8ce8269436640a910ad2b06dedbf607dd5cd0a64058b0c4d6f5f339956a152a02fc47276373898f13398c24fe33ddec4
SSDEEP

12288:o54cGJMEUX8DTJWg6KU1dV339r5uOM5ic4lP7xhrQH93XNX10:o54/UcTJnlSnr3M5iceTxhEf+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ-110146.exe

Files

a0867d9089bda8af44c72a9165ed99bd
.rar
RFQ-110146.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 842KB - Virtual size: 841KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ