PO UYTTFCFGV[.]xlsx[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO UYTTFCFGV.xlsx.exe
Size

650KB
MD5

c99e5ccb68299a23f6fa9a7a36325867
SHA1

5bf0fecc04747bca1a7dc08a1a304e168a20cc05
SHA256

d6654ee2d57b0214817b36566231ab8cebf9b0a40ceef8c1396212fac3da99bc
SHA512

dff955d8c3d269ec8a2bf87eb509eceb3bb0089f9e27d0983d68d8f97b0143ed3b7f8199c4513e7cabf628fc8efef3d08d9af8645bc28e4476f88950e65e7b46
SSDEEP

12288:T+tzLwrapME+sS+IKmi7nplQ6VILeOdY1nRqYS76z+g52IpWZa86ly:NTFsWKmK83L3+1Ru6K6HwZably

Score

1^/10

Malware Config

Signatures

Files

PO UYTTFCFGV.xlsx.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 638KB - Virtual size: 637KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ