38d001f543f7e37f3560192fcb5181d49c02d3a94efa967da879c68b46084261[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d001f543f7e37f3560192fcb5181d49c02d3a94efa967da879c68b46084261.gz
Size

291KB
MD5

333e0d575f53a2a943033229dfe001c5
SHA1

75daea8cf9d18eb168b11a1cab22f6ccd04a5802
SHA256

38d001f543f7e37f3560192fcb5181d49c02d3a94efa967da879c68b46084261
SHA512

d914b10558c0f56a855960013e3699338708daacee325949539340e41fdf45720fa31be367833bc0b48d7da32b17f042d7250c34975941956fead85b4084b3be
SSDEEP

1536:ZQ9WNSqKlRGrkR2vsKQNfX1OD5+KeNE6mLE/uWa/vRrg4sok4iRwzTOL1puk:ZKiSqmEkIQG5M+gmbbsJGOL1px

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RFQ_410000045432200004550.exe

Files

38d001f543f7e37f3560192fcb5181d49c02d3a94efa967da879c68b46084261.gz
.gz
sample
.tar
RFQ_410000045432200004550.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ