PO No[.]254990-81723[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO No.254990-81723.exe
Size

365KB
MD5

d3ab93e6d2800c99ae6162a5a543d9a0
SHA1

317d3d2aa1b8061185b3f4d03a703f217b17cde8
SHA256

555167e9e575694210dbec92ae3499764217f171205a89d212b1fa3cff0a6ab1
SHA512

bd193b7a37117b138b42ce69c83e38e4aa83bbd255ce6cd4f349acf5f4ae46c8c02cc9d4775680de3bcf4d52aa15062e250d9127165059dd876518376ca2484f
SSDEEP

6144:8me7WPpL6mbNWo3lYMFa2yWrczE196pUUH0t:81WPpL6+WoiMFab+96pUU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO No.254990-81723.exe

Files

PO No.254990-81723.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ