Purchase Order CW289170-A[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Order CW289170-A.exe
Size

501KB
MD5

9259cd147ed5880ad2b0c4b681e0db4b
SHA1

d0341177f21804fa550600235ea20056f3f2e311
SHA256

ffbc5914f16b287d3ccd7b855e634db5d95fa14596868d7dc29aaa9dd7f4180c
SHA512

fd7299e50058e02fee34d2ca7f60406f1f5c044d5e7ef31f37ad3218be921be5f9045e82a613c1a096553eff5d740c1bf7d7efec97996ac1d61ac31151594142
SSDEEP

12288:GWV6X6FqpgHEcOyApIvnzGgbJ0kqTrQaSejL8Ze:GQWpgErIvzhbJBqTrQaSejL8Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Purchase Order CW289170-A.exe

Files

Purchase Order CW289170-A.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ