New Order[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

New Order.zip
Size

573KB
MD5

c5807c526fc56b1e6e1b04a99b3e28cc
SHA1

2c06d89685fd79a2f7c59bf113a6fae8dcba22b6
SHA256

afc56f3cbc454b52c93f0a03e09362e7fa8423a356832a53534db4ced8ff7160
SHA512

a194f9a375b186327e668b96c66b29c58e5818e8b1368e3e2d72322d2b47b2448748e792c3498d6bf7bfd9c4d244692b288a5f75994c062bbd29d7868bd459d1
SSDEEP

12288:xK+wcTC8M5bTJR0cZHQg3N7dn/o7Qk2lUMFcMB2rmKSvna:xAwM5bT0cP3N9fkLMKey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New Order.exe

Files

New Order.zip
.zip
New Order.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 897KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ