017VIBJMR0082023[.]CAB[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

017VIBJMR0082023.CAB.rar
Size

430KB
MD5

e7d5521661269d516a82ba053d04ee86
SHA1

582b5a2a0ffcdf9cd1e00147560de532cac79e56
SHA256

1c9f12c685446e46fbc6ba44bc84f75636e669669c2af6a2299588b2407a5628
SHA512

35a56c82b349dfc1b1dbc3fd7342c727956532537a4218ccb90fa57ec0b44fe8c8cfcd15537b9aa941641f6a66164f9385f7af8f3aee8fd96d7dac0e3fc3f4b7
SSDEEP

12288:LeJ4YwwDLraIe2ErQgASDsFC+PGKXflaD:yJTHraIgQnp9PFvl+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/A.exe

Files

017VIBJMR0082023.CAB.rar
.rar
A.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ