open-order#456789[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

open-order#456789.zip
Size

619KB
MD5

0d5c9c21accf41c27d556f5b952ce01b
SHA1

c5e0580ef43a852e2ea105c7f7d154f68e228893
SHA256

624d258bf73ce1512a710f417fe9bc09f649feee82527c55de7364fcbc4a9e07
SHA512

db6a50df9d4bd664c8aecc5be3373c9e2ef8149a7375b55423cdcfd3e40195678be41d3c79698776985bd18f30a4c62cba11641c3231aecb6d1354ded7e4dd60
SSDEEP

12288:ri3v1ATO9bqHePK7WQ+HKlLMh0NOgbgeQFQT5JB6xU:rACTYq+SqQ+Kloh0fdH5yq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/open-order#456789.exe

Files

open-order#456789.zip
.zip
open-order#456789.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 768KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ