QUOTATION_AUGQTRA071244[.]z[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QUOTATION_AUGQTRA071244.z.zip
Size

25KB
MD5

85c2ec9d09662fdfa5ddb95726f6ce8c
SHA1

a920b272f4c752088e8f5517bc4fbb281c7c2d57
SHA256

f1fe9cb4d1dcbb503251cc19f74d4bb6f98ca595937aae08e7be6119759ea814
SHA512

c9fd5efa3b442f1d75dbf90e283c8ed996bf42c39455a8238fb506647ce6868f0342a148bce751ea54c8b98a6916dbbea94da5b3f52dec032a4bccc05a6b7b62
SSDEEP

384:2V6+wzjEbzfRVZFdJ0WKcS7BBsIqQ8FbIOxRPs4JwFFeLLYbV+1p:UZKj8zpVZtJKcSFBsTQ8Fb7xarE9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/QUOTATION_AUGQTRA071244PDF.scr

Files

QUOTATION_AUGQTRA071244.z.zip
.zip

Password: malware
QUOTATION_AUGQTRA071244.z
.lzh

Password: malware
QUOTATION_AUGQTRA071244PDF.scr
.exe windows:4 windows x64 arch:x64

Password: malware

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ