Shipping Docs INV&PKL[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Shipping Docs INV&PKL.zip
Size

565KB
MD5

eed823691316d073468bf4e063e5019a
SHA1

0c00d773942a6ff3532e266a5aa1afb2d3d535ca
SHA256

f3f68bb1c56ff9c02ee4334c76a9c439f55a08a0cd77ac72138813acc1c2af9f
SHA512

cb761716e4c94d32296fd7da03929c47b09b5efaa3633362627e864f5a8e6adeacd9d29417c08bd8914c439e46db1c78da2bb13d2e99fd39c8266e954fc7f2c2
SSDEEP

12288:Gtz5iao+E1yBiY6XlfVO4Hna498pIXX5UYLpKyI220Bi7N:G55qtCvu3aY0IXX5UGXIam

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shipping Docs INV&PKL.exe

Files

Shipping Docs INV&PKL.zip
.zip
Shipping Docs INV&PKL.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ