REV_PO_#KRMU664_SOA TILL MARCH,XLSX[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

REV_PO_#KRMU664_SOA TILL MARCH,XLSX.zip
Size

520KB
MD5

2fae717878063b7ce60b11b6fbaa8508
SHA1

707a959b327ceea77aa564e7fbd5c3937104ac0f
SHA256

b28a88566f43eac31a7aa0dee9f51118b53ea2e3971eaa160c6985909259cd33
SHA512

853772507a1118cf69d2c63001e03220fbd6671b05df283af02dbe9b35782938a733a8b3492d0142e505771bae3a5b8c1e297c0c3b8b966a726a37958b1ef772
SSDEEP

12288:cvw4s3IF1rF9D/VJzfQxmYLehfSCZdx9FDknBDVyGxQNSZv9kRXX:cds4rzVxf37vonBsGxQK+RXX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/REV_PO_#KRMU664_SOA TILL MARCH,XLSX.exe

Files

REV_PO_#KRMU664_SOA TILL MARCH,XLSX.zip
.zip
REV_PO_#KRMU664_SOA TILL MARCH,XLSX.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 683KB - Virtual size: 683KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ