PO[.]No[.]660240685[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO.No.660240685.exe
Size

357KB
MD5

79a6f712cc73066c92092fc4579990c4
SHA1

83f738eb080079bf67d184cb35c337edab2d61f9
SHA256

86648f1e1a5b64739d1ce7fb718567b0a2e8f96f1f5eb5361d32e3931b0c22d4
SHA512

77dc22676d4e3daa74623ffb6087a3d81534dcc4ad76a85ccfffeb297141985671c8e66848414ec3ae296fc1ef4ad014ec381ec3e1377553786633c25601b3ff
SSDEEP

3072:FzTNwme7IkrAsypLIDyimbNWo/KwlppAX/JhkF/ynQNaWW3FIWAnBaN9b7iE8BwZ:Ume7WPpL6mbNWo3lYMF8W/HngNh6rt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO.No.660240685.exe

Files

PO.No.660240685.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ