QUOTATION-CMS-PURM-23-001[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QUOTATION-CMS-PURM-23-001.rar
Size

486KB
MD5

d4d5a0cc3d15879c07907d5b373873ea
SHA1

b7d9a5f4cc06c1b1d3abe02c973654a6cb5f7f19
SHA256

f17d3c637a85a90107c8c8675b999d18ba936982aa8b3143fd73ea8e85c1a56c
SHA512

e1c7d8bbc507d48b82981a9afdd28e9e9690e9bf118901080fd4ab0c6b7225e83543aa952ab80a4bec45af936e8f0f61717448f579851a0f59aa2ef6e3a2bc07
SSDEEP

12288:9WWPmi+wEb6TzbJhm+T65xq8cy3nA19pH9ga5v4Os5b/6m8pjdn88U:MWX+ObJhm+TUxqTwIH9H5ze/67Rnq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QUOTATION-CMS-PURM-23-001.exe

Files

QUOTATION-CMS-PURM-23-001.rar
.rar
QUOTATION-CMS-PURM-23-001.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 589KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ