639927d618b812cfd77638461dee8462d16ee991a5d46fea9eef76cc014a2872 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

639927d618b812cfd77638461dee8462d16ee991a5d46fea9eef76cc014a2872
Size

4.7MB
MD5

fc4c87200adf744146e206ce93603267
SHA1

a7b2e113705c39161c394ec70b3295b9d29ba655
SHA256

639927d618b812cfd77638461dee8462d16ee991a5d46fea9eef76cc014a2872
SHA512

602c898a74a99be0e9d0e770a3f5bff365645122576549162939198c6894f6ef77139885a97ee787241e99a9fc76e96fe215eac9971ff3fb73b19e52c24757a1
SSDEEP

24576:iD0OYUEyJM/UUYq9OJCqYyJ6wkBXZsYemohujcbNppFVbqvagDvdfdl40EyYMZh+:iDzYUDGsU39YLxgho0cZphbqvaK6oYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RFQ-773463738342337833748334.exe
unpack002/RFQ_000000000000034094.exe

Files

639927d618b812cfd77638461dee8462d16ee991a5d46fea9eef76cc014a2872
.iso
out.iso
.iso
RFQ-773463738342337833748334.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RFQ_000000000000034094.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ