CTM REQUEST BIRTHSHIP[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CTM REQUEST BIRTHSHIP.zip
Size

532KB
MD5

e1a4c414637ee00c7f2cfa7c1fdb60ec
SHA1

bf97a6a40e368c7682362a7ab0193d7f4d2a3a33
SHA256

a468e8655a9d53ceb02ef5b2208e6e77ec3e90c44b89030880914e45df166a8a
SHA512

2d9e181acac5ea5b4bb770bfe31638e00ca67368805e1e63c14fbd8108027dbd7b3ff47284c6b21b0629f293eb5dab89867179ff20c0ec08be9cb3238d3c83d2
SSDEEP

12288:OK2NYNcDUQfDwO+BNZeZKtwhljW7w+mmePQO0iobAsRQ2:j2miDUiOBmThEE+mFP/x9sZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CTM REQUEST BIRTHSHIP.exe

Files

CTM REQUEST BIRTHSHIP.zip
.zip
CTM REQUEST BIRTHSHIP.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ