business inquiry[.]gz[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

business inquiry.gz.exe
Size

513KB
MD5

83b3f4c0ace645f01341ad18e47289fb
SHA1

8b9bf624b6fad334f0ceda95c28ca7b45cfff8e3
SHA256

c9cd4f96ee3af2513298b62ff2f1c877364fb537fa3d70ef5268db133a4b9b85
SHA512

f0b8c4f46411117cf933e7bf6859e823d96d2d8a550971d7e472b7c6388da6b38ae555cbf642a4b7aecf47b2084fc1a3cda38f2ff5d019f88670589aeddf79fb
SSDEEP

12288:eqLAr86WomaptByv4FADiom6DCcbniw/aeax:ekm8vomWc4ODioliH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
business inquiry.gz.exe

Files

business inquiry.gz.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ