Static task
static1
Behavioral task
behavioral1
Sample
rfq_PM environmental.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
rfq_PM environmental.exe
Resource
win10v2004-20241007-en
General
-
Target
dae268f747efbd772be9bccc3cc33a9486cdfaa75a8b3da9f56f119924098479
-
Size
621KB
-
MD5
688b9794b446d80f0fcfe088b4d9c1bf
-
SHA1
0025e904666fb27efa016c14d89ef00e8c62e69a
-
SHA256
dae268f747efbd772be9bccc3cc33a9486cdfaa75a8b3da9f56f119924098479
-
SHA512
72dd8c09e911fbdcc6e74699762051f9bb972006588a5b1352decf3892aaa7e714ad02cb3f74b3863fc4ea99982cfae5e42ede7d65d4574e092b02a2124cdd10
-
SSDEEP
12288:T2n3rRcLwW7QBlWU34NZa0mq3E1nlrlSb1bUAYWPn7Gy8e6uX:T2nbD+Q2U3p+E1lrluF1vS+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/rfq_PM environmental.exe
Files
-
dae268f747efbd772be9bccc3cc33a9486cdfaa75a8b3da9f56f119924098479.rar
-
rfq_PM environmental.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 610KB - Virtual size: 610KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ