Purchase Order[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Order.exe
Size

681KB
MD5

fc56d2bc4fc963da5a949a38141bc549
SHA1

935336343125c22aa3227c26fb9014ae6576da61
SHA256

7af072164e5fc3c39c58fe100e422e079c2b98ab185065962569ac8b12c7517c
SHA512

eab80c860eac505412486f46157cdeccb98a56c7f6a73730fe436cca0cef4bae31bad8cfb6f3097f361428dd05508fa1d9640a32f2c0932c6843ad00acdd2d42
SSDEEP

12288:VysSrNXgXKcYQcIMQWytGtgZCItzqxVlHeU9MbnpHoc+:gNaK3TvsCgZCIwxbtMbh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Purchase Order.exe

Files

Purchase Order.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 673KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ