1d1b4ea66069d94195de52481ac2edf306c65593de817b149b27c23ff0b6789f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d1b4ea66069d94195de52481ac2edf306c65593de817b149b27c23ff0b6789f
Size

705KB
MD5

efc737d0dbbf64b6e090fad66ba7c195
SHA1

d05e7598b23041d6e3f7b77aa6e0770d3019f458
SHA256

1d1b4ea66069d94195de52481ac2edf306c65593de817b149b27c23ff0b6789f
SHA512

33f121cce135cb0fae811a56b389ce1b345b6a6235dfb51129145e88320ee3f31b4225ebf5525a21d87c4f8b74dc52bb219849404bc10fd88bd6ad617bbae5ec
SSDEEP

12288:bFDfgDElOPAoZtM1g/20B0P39KRr7M5i7dCCaPafsUYomn1prt67Df1dq4VVHNNe:RfgKG/MCUtKC5iKyfsUYoGHt67DNdFVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Q1157RFQ.scr

Files

1d1b4ea66069d94195de52481ac2edf306c65593de817b149b27c23ff0b6789f
.rar
Q1157RFQ.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ