e9a258647097a1bb7ca201728c40f8bdaab85c552285cd82c68e897b31051d34[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9a258647097a1bb7ca201728c40f8bdaab85c552285cd82c68e897b31051d34.rar
Size

693KB
MD5

2e906cfdc32bdeb8b2f0243415351c04
SHA1

25cfbad47e1606270653b947bd60f7f29f6c6aae
SHA256

e9a258647097a1bb7ca201728c40f8bdaab85c552285cd82c68e897b31051d34
SHA512

8ef7aee361938e9c0faca90581f07f7a48750a35e1e725a6a1cf5c8c6d05f82cbde8fb20dd7565e2e1eab57042ab1912d16c28d5c2a89ed68a03071aca567dd0
SSDEEP

12288:FjrY3QB/bWYyNBItmC/A6KDkvY67kSUR6hrEDIUYzvbIfeXVpzcwiH:FjUgB/bWYEBiDABh67k6hkInDbI2nzYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BOQ and Drawings.exe

Files

e9a258647097a1bb7ca201728c40f8bdaab85c552285cd82c68e897b31051d34.rar
.rar
BOQ and Drawings.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

LqgT.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 726KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ