shipping documents[.]xlx[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

shipping documents.xlx.rar
Size

624KB
MD5

1d7a23235e220cbfb2a6bc229c564451
SHA1

56632f9d576ecb22b3a24e2d0913741bc2c93c60
SHA256

c577f00274710ba7f5a479f34ab2fe31948924dc867d5444ef46de316b2710d8
SHA512

7a49b2af5466bed92fdd87d9e75e2e82cd35c37205c8c4fcca72c6dea7c2fa67b831977e647ebe910bb5d63560932dd2914dd1d01aee698a2995563124a26ae0
SSDEEP

12288:RH6pMat7AaeVz4IHEazIk8UZAkx2mWm0JjZ0GsrSZJxR6HmC4RJ:8PAjV0IHYD+hjYJK+bpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/shipping documents.xlx.exe

Files

shipping documents.xlx.rar
.rar
shipping documents.xlx.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 814KB - Virtual size: 814KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ