Static task
static1
Behavioral task
behavioral1
Sample
QUOTATION_OCTQTRA071244PDF.scr
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
QUOTATION_OCTQTRA071244PDF.scr
Resource
win10v2004-20241007-en
General
-
Target
1.lha
-
Size
57KB
-
MD5
a0b4f356a44bcddee01703b532e8d3a2
-
SHA1
6ef84650d79b4824731e8282bc62a1220441e58b
-
SHA256
0bb05b89da1cb1513aedce4415408f654b32a4f5d081fb7a4c5b997ac48e160c
-
SHA512
ce47f27f08e32b37650ab75e9ed0b62bf57766114e7d79094b66915a3908fa91a620cf7ac3d1af9a6776297c87ab693e4cea92d9c12630ae14e2f199f8c8d19d
-
SSDEEP
1536:Lc1wQO3m44A/adztYBOIMfRmgn1d4EVEktLEy24zIieDxuW:Q04cMYBOpDQEjauWwW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/QUOTATION_OCTQTRA071244PDF.scr
Files
-
1.lha.lzh
-
QUOTATION_OCTQTRA071244PDF.scr.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 123KB - Virtual size: 122KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ