Purchase Order[.]gz | Triage

Resubmissions

12-05-2023 14:28

230512-rtgxxadd83 10

12-05-2023 14:17

230512-rlq6lsfe9y 10

Sharing

General

Target

Purchase Order.gz
Size

1.3MB
MD5

a5c16a16226698844fae06b702d7cd16
SHA1

51f3529f2f4972f2f8bd96301215b151d1b1ff2b
SHA256

3ed0594f9fef04feeaec1abc8f1ad0b85c75df614ba09377e394321ccb16e586
SHA512

1688f54f7f912a37cb1790521bedde93ff684f6abe9cd20f1a2cebd63562c39bb2df645eb94575fa0af3fc969a061ae5acb51285f2239071a04131de71155e65
SSDEEP

24576:M/Mel28gvSgwDFgx4V3/vNsOz6xE4Jj01FbrFsqRVEF3sMnKT4wAQ:MUel28qSgw5gyHyC4Jj01HxbEFcMnFw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase Order.exe

Files

Purchase Order.gz
.rar
Purchase Order.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ