Static task
static1
Behavioral task
behavioral1
Sample
Quotation.exe
Resource
win7-20240704-en
General
-
Target
15082024132615082024Quotation.gz
-
Size
2.0MB
-
MD5
4340b7d5c8fcbe5d24bb095a3aefd53b
-
SHA1
05acebc7163eb64b4b4a641383880cb6dc120349
-
SHA256
e0d62ebce780590ed7135092c914017436aa6402cc7a110c8c32386bd27e8083
-
SHA512
a786fa47217695d2050d7024d2e3fd6720e16acae41e65b025246e72ed3459588cefcb05788dc9103fb9452f86ba283317725e7462de37d7796e35ad3c9e9b42
-
SSDEEP
49152:cJsgOSpEMf8yUc7Pf+MC8u6I4+A0bseDNEj2mhTxBLkLEjV:cJHSMfJUc73TWN490QeDNs3kGV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Quotation.exe
Files
-
15082024132615082024Quotation.gz.rar
-
Quotation.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ