Static task
static1
Behavioral task
behavioral1
Sample
RFQ___7363836.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
RFQ___7363836.exe
Resource
win10v2004-20240226-en
General
-
Target
27bdacdacc006511f54c059afd65808fe2d71c0c33faa3e33dcd793f677f14a5
-
Size
632KB
-
MD5
f1c6deacca21165dda8fc3b16ff55f00
-
SHA1
5966e03e748923f1247e3fd0357b9563da08880f
-
SHA256
27bdacdacc006511f54c059afd65808fe2d71c0c33faa3e33dcd793f677f14a5
-
SHA512
1414e8367fb2bcc0c852d48b8bfa00dc31c01c8975494f506148f0781cbcf9514df2d6a497448606502c2299cc979fd48b3e86088bff60a312b6b9465027f2c6
-
SSDEEP
12288:nH1VC3RYojGuaQg67RujpRSjgTUSbQIqGQDAV7l8zi0gKq9VcgtGZl1KcBnxkrx:VVsNGu97ypI2USbv5E6eW/ncbZCU6rx
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/RFQ___7363836.exe
Files
-
27bdacdacc006511f54c059afd65808fe2d71c0c33faa3e33dcd793f677f14a5.zip
-
RFQ___7363836.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 648KB - Virtual size: 647KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ