379d64b633cf00cd32b301610d7b8a5808d6f48171b1e5ed93f77ca3a38d0b22 | Triage

Submit
Reports

Overview

overview

Static

static

Purchase_O...Co.exe

windows7_x64

Purchase_O...Co.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Purchase_Order#PO7211A20_RFQ_Hangzhou_Zhongniu_Import_Export_Co.exe

Resource

win7-20220414-en

remcos contacts microsoft persistence phishing rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Purchase_Order#PO7211A20_RFQ_Hangzhou_Zhongniu_Import_Export_Co.exe

Resource

win10v2004-20220414-en

remcos contacts microsoft persistence phishing rat

windows10-2004_x64

0 signatures

0 seconds

General

Target

379d64b633cf00cd32b301610d7b8a5808d6f48171b1e5ed93f77ca3a38d0b22
Size

190KB
MD5

ad51f097cb2122fb7ab8f096133c7c57
SHA1

fb50563a7c3362f24b9e5341fc673ac8e73952ef
SHA256

379d64b633cf00cd32b301610d7b8a5808d6f48171b1e5ed93f77ca3a38d0b22
SHA512

6c32e8f1280c0bd2df93bf9e2147bb33dbe6349a47c65dec86fc0163c589771537a778c370d7e3fc7785b3ed7ce8c584af08dbf16759d48c877e6b95e6381758
SSDEEP

3072:fuGOQuRf/Jl4jWuFPrq6d1cQOS+MtR5Ymd6EgQsZZRdXPfeOVmsdnZbIMkfx4j58:BOvR5l4SYzq6Jn+MtRymQEgQUdXPfeoW

Score

N/A

Malware Config

Signatures

Files

379d64b633cf00cd32b301610d7b8a5808d6f48171b1e5ed93f77ca3a38d0b22
.rar
Purchase_Order#PO7211A20_RFQ_Hangzhou_Zhongniu_Import_Export_Co.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy