21042024_1436_dqtbsbi[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21042024_1436_dqtbsbi.exe
Size

747KB
MD5

183bba161def1994704370ff9d18145b
SHA1

bcc50fc51e7ffaaeb5a530db93d65e8e6061e892
SHA256

de801be2ad6e1a9ad3e37fb667530ab64fccaf955c6594557740dced1c0707a2
SHA512

fb30b6d015bdff8d7267344fe17b1a702c2f24e110e7843747cf38b08733342dd6e3d6c8f620c524638042004ab1895c5f73b7acc12fe2ee2ec411516a5a2d9f
SSDEEP

12288:NZD8eGXTfBq1+8E+yREkmBICa2WRLqVgvnFi+wGnyj0i2pBW9:NtrGDJU+8EdREdICaZqVYnFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21042024_1436_dqtbsbi.exe

Files

21042024_1436_dqtbsbi.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

)[?e]3
Size: 698KB - Virtual size: 697KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ