06092024_1402_06092024_RFQ (FPU - CONS) PR-263[.]gz | Triage

Sharing

General

Target

06092024_1402_06092024_RFQ (FPU - CONS) PR-263.gz
Size

734KB
MD5

f30275b67a09a7e1500178886f386160
SHA1

fd66e869f588f47e7120dec3996ff6a00d047892
SHA256

78476f883ad659a1be4250cf27caf6fdc4c46bc29ea2fe4284434b9d5d901b21
SHA512

f1daf3c1a53ddf8cd8f2f115f116b424c447aa7ecd3a96ecc3b590c4b72ea01c7ad5db9b935f5ca98a1b6e161068507c133ec0ff0037b7f49a5af98ee9eaa687
SSDEEP

12288:ynWDBPIDltk+e9xYhn7y9UWec5cbTc+Jz93fxrZ8nXuBzNvXMnDXLff:yW1PIpeqN7hW5cR9VdB58DL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ (FPU - CONS) PR-263.exe

Files

06092024_1402_06092024_RFQ (FPU - CONS) PR-263.gz
.gz

Password: infected
RFQ (FPU - CONS) PR-263.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ