Order Specifications[.]tgz | Triage

Sharing

General

Target

Order Specifications.tgz
Size

1.8MB
MD5

35bfed3e79e4f92585a9ebbe1b6abb7b
SHA1

b1227eea7551fba1382be0605103652fa4941aa5
SHA256

90e6b30c2f8303d7416e222d43fe7e777619b7e5cb0f9bc0d08cfb36fee4a899
SHA512

a6f9ea575b5bccde376f632f64f46a9d6ff065a21aafd61e1ed34b7d1e67d6854249c3bdf4cb942edf3f91ce303db7218a1e0c412ec12c16d3e8e1536fe3833f
SSDEEP

24576:Nokbikzf8rQtg7vAliSlxlObS0gnIjQC8pOyp1rzaF2qLhxvjJ:lb5f8r/LAl5lWgnIYpOcHaFxPvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Order Specifications.exe

Files

Order Specifications.tgz
.gz
sample
.tar
Order Specifications.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ