General

  • Target

    q.exe

  • Size

    380KB

  • MD5

    c1e9cae3895e47557c49da02e857331d

  • SHA1

    cd606c216cdf514fd64b714037a75250007d90b7

  • SHA256

    a833220123f1e042399406b33817c857fec4d4471f9332b02abc390e11dae2e4

  • SHA512

    f4ede6b4caf0267888fe5cfaacfd808a4ef15c5b87f186211c57a75d77b3d4915e2851662e0528370deec6a4f974dce95ce1bd6df1a62c6675ce0d1bf717a486

  • SSDEEP

    6144:HT4DtVpZI3UNm5XuEneTjst4l4hjVKLWWC4OZol37D3XmkL+VHjFz3+vaEfT:HTgUUEeTmzJKaYOGlXnoDdqlT

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • q.exe
    .exe windows:4 windows x86 arch:x86

    6e7f9a29f2c85394521a08b9f31f6275


    Headers

    Imports

    Sections

  • Bilipurpurin.Sla
  • Borsht/Overimmunize/Cykelkurv/Celletyper/lectured.txt
  • Pidginizing/Halvpunkt240/Forblack231/Otiatric/Ergs.Tha
    .ps1
  • Pidginizing/Halvpunkt240/Forblack231/Otiatric/akkumulatorfabrikken.str