ca3555440e8766f50d807bcd0d22a7c9ba7441aca7a822d324bba6f8c9e0ede4 | Triage

Sharing

General

Target

ca3555440e8766f50d807bcd0d22a7c9ba7441aca7a822d324bba6f8c9e0ede4
Size

686KB
MD5

4a20e817b78d0e94e87f8b283ed8c96a
SHA1

2c5e1811e226b209605f03266089e6ffa50239fe
SHA256

ca3555440e8766f50d807bcd0d22a7c9ba7441aca7a822d324bba6f8c9e0ede4
SHA512

34618e64b8cad9c51ac87a2e01000086a56b042336275025aa7234c5f7219b7fcf568c8c61a145d6839bd2ac8d9dd17ed9107b99351729879b155bc60acfd722
SSDEEP

12288:9SgGCuWe1J5OCYZijJmK+HhAYFCmkYqhsQUXn4Cjb5wUTWhYFyv2Z6v2wPCZl2:cgG/Laiizoe3v9WhYF62Cm8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/QTN-24002910-ASHARAQ-YEMEN.exe

Files

ca3555440e8766f50d807bcd0d22a7c9ba7441aca7a822d324bba6f8c9e0ede4
.zip
QTN-24002910-ASHARAQ-YEMEN.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

NPeV.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 757KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ