d6cf5d47f2f1feebdfd5fbf39c235d9da77efafe04bafe766ccfcc0a990e6ab0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6cf5d47f2f1feebdfd5fbf39c235d9da77efafe04bafe766ccfcc0a990e6ab0
Size

76KB
MD5

4fa93c82042dd3df21d37187d483e1d2
SHA1

04f8cd5c46bf1d0e6f1b71e775cb424e4c995b4d
SHA256

d6cf5d47f2f1feebdfd5fbf39c235d9da77efafe04bafe766ccfcc0a990e6ab0
SHA512

716cf0184926b2b53be2097b15580e19d4ff7f041f92a235bdf10e5986c882b44c74320f0b6df6d5126f2763a7786f8083c96ec588988899cf6ed7d4a9855c55
SSDEEP

1536:UL9IGsloOnyciZBiho+98kOlEQQh9Y2ZKMl4fn6p+Jy8:UelVyZwn8xlKj14f68Jn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RFQ__PO_PO 24090041-PDF____PDF.exe

Files

d6cf5d47f2f1feebdfd5fbf39c235d9da77efafe04bafe766ccfcc0a990e6ab0
.rar
RFQ__PO_PO 24090041-PDF____PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ