sample[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sample.zip
Size

290KB
MD5

45efdfd319ab2c187c527bb82447a5c0
SHA1

af92a2f82731b9f486a672cb82af51bae24351a1
SHA256

4909286bce915bfa52e7c9e790528c6469daecb4991cc7e6610ab41a3fb67f04
SHA512

ffa0cd07c45d24aca6e57fcdb6a118116be7321e44b29e3b9d53e01d8150bbd0a0ed5b513428c36a01532c06e8890067c66e9d0793b1bbe2ebcdfd52de00578d
SSDEEP

1536:CgdhUfDnj+eqc39FHVR6Oc86ZYIDSAnc6jVZ6UT0Is3SprLI9cBdba+E:CvffLNLYOc86iZcBjVZ6i033Sp/5H/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ_410000045432200004550.exe

Files

sample.zip
.zip
RFQ_410000045432200004550.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ