Static task
static1
Behavioral task
behavioral1
Sample
RFQ 1100-656-02.exe
Resource
win7-20231129-en
General
-
Target
RFQ 1100-656-02.ace
-
Size
841KB
-
MD5
4114f0297ccb4ec74787cd25a71ec727
-
SHA1
e07c62c1ae10934ef698a8ac5b5dc67b9fe2bde8
-
SHA256
a5d707684f36df7d6046e10f9bd793090d5750716895c366ef7d407988a2bca7
-
SHA512
bba0f844cbde1475f3f38e18cafc6f630c24c9ca0ac8c674f25c8b1436f0dd2ed0335b9dc69c860e9fcb2acc7b69c8f73d7ff06c179011921ccc43b72b94196d
-
SSDEEP
24576:h2W4bzKA/ZkHJXGfDJJJu2lm4SeCWloDkOgGQLfb:0PbeekHJXGtJJu2EBNWl4kf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/RFQ 1100-656-02.exe
Files
-
RFQ 1100-656-02.ace.ace
-
out.ace.ace
-
RFQ 1100-656-02.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ