Static task
static1
Behavioral task
behavioral1
Sample
2023081922.exe
Resource
win7-20240508-en
General
-
Target
RFQ20230822.IMG
-
Size
2.2MB
-
MD5
d9a8fbecc096f4cd0987cf9dfdcbbdc0
-
SHA1
2d337201994dea760e2e355e93ea13dfcfb14e94
-
SHA256
2478d47791b452461742e4de526a238c932c6ce97bc3784d2146bc7ff2586e29
-
SHA512
99bd35449fc1b53b46c27239f85d80ffb5d39d1c0749974bd7949b6f073d8197b83f9ae98985df265d550deb9129b1eae4f8fd970a808350e0a97e66afce1941
-
SSDEEP
12288:jFFXX423r9llnsa9awWlMNXJPqNqz+ggKj7eI5Z1k:jHXZ3Nsa9aTqlga7eK1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/2023081922.exe
Files
-
RFQ20230822.IMG.iso
-
out.iso.iso
-
2023081922.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ