parckingList -Invoic00 BLpdf00[.]r00 | Triage

Sharing

General

Target

parckingList -Invoic00 BLpdf00.r00
Size

597KB
MD5

3aed0e1a5d6b9ea0399ce86cc787b392
SHA1

cb7e064f3de7f4bd7f98a4ead0d354266bb12148
SHA256

e19a66397a3a9196cf62d9ece12634289a39ad93c6772deb64bbcb487077aa64
SHA512

2406c6e04863fffe2361a51dba13d1190d9eea1c3be1de8d432f374bf7a628a35b51a2de0c6fb7269a2add8e7542bf8ffe1ee265ebd4ba5cd0c4596230e7c37e
SSDEEP

12288:0R/dTfiz/plPh/GuLSc9sLg0AlAoQHjNf+fGSQVfyo3uD5oDETjkc:0RtfizxNhOu5sunkRfQuhbIjkc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/packing list -Invoic BL.exe

Files

parckingList -Invoic00 BLpdf00.r00
.rar
packing list -Invoic BL.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 674KB - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ