Po And shipment Address[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Po And shipment Address.rar
Size

529KB
MD5

66023dce1d8f7d9faca602d35570de07
SHA1

c12e325f5535e26040f63f69b19693398392a840
SHA256

0965666fde36f37df220b49f0ff0c13ec280328e895fe6017d9b1fbb6d4e744a
SHA512

e7cb0895221450f9e06b6b63d07cabcf4ffd99d1348e2363e6a640d4e2ff7031da11844053cb52ea780ef9b57abb70833a1df242760bb2b64aca235a75f048d4
SSDEEP

12288:9GK7ODuv5MKWDPnVIWpcMSq70/vlv4UBdPwO0NW7NOE/ByNO4kdqd:d7PwD50RNPT0IDuO4kdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3tJaaJpzUDK3ccx.exe

Files

Po And shipment Address.rar
.rar
3tJaaJpzUDK3ccx.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 550KB - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ