1[.]rar | Triage

Sharing

General

Target

1.rar
Size

864KB
MD5

9c68bde2843d8b4dbff53362148db2f5
SHA1

d876467cf5857eca62385f5df6653ea2908ca5b0
SHA256

fd615fdf86a726bb8ad810209e149deee8b4d1df51a03d6e895442b903d18136
SHA512

0464c9e0802e5a8b792bb6fe3a9167dfdd25823e4201c6cf7ec96339710bb86a659f2605c245840eafdd73728a6924bc69aa6e55c706d1428c51a317a7e97a07
SSDEEP

24576:1moIL7zdv7tkHQXWiI9WCb7TeBTsT3YMKg4:1moAzZ4KI9yB+4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/REF 2206E43460.scr

Files

1.rar
.rar
REF 2206E43460.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mmxg.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 926KB - Virtual size: 925KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ