a822b0fae2a8fdaf62f37607c82fd7ed8350407092fe119b9f7b3afca97612b7 | Triage

Sharing

General

Target

a822b0fae2a8fdaf62f37607c82fd7ed8350407092fe119b9f7b3afca97612b7
Size

1.1MB
MD5

bd9a31a02bdf12d7ebc911daf6d15491
SHA1

baccaf933a5f132b50a9c2d92108ce0e1822afa1
SHA256

a822b0fae2a8fdaf62f37607c82fd7ed8350407092fe119b9f7b3afca97612b7
SHA512

8646f9f71e634db7285e90ac3e2082ecd6b3cf87ebea8ba98bba26134f228c943ba8e607b62469e6b76b023dcd9157605a3b3880ccc9e9c1821ee1a1c3d4949a
SSDEEP

24576:sBlngwF1MFch0jnL1Np07d+XMiBlngwF1MFch0jnL1Np07d+XM9:WL1MGhcL1ImMcL1MGhcL1ImM9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pipe & valve BOQ.exe

Files

a822b0fae2a8fdaf62f37607c82fd7ed8350407092fe119b9f7b3afca97612b7
.rar
pipe & valve BOQ.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ