New Purchase Order[.]rar | Triage

Sharing

General

Target

New Purchase Order.rar
Size

596KB
MD5

d6dda4b1b3d4a780722a05c1992a1a4a
SHA1

cb1ab0f17c1737cdad328f8de76875b357d1acb3
SHA256

a673f0c5de030dcaa3de2d4bc8a01d8f89aaeeb81829bdabab5fcd14eb7c44f6
SHA512

ea73636be563f38e6431f20a64455902167c2f87595b3feca7c70472ca0c8983939c9be4c66e5694400ebd6555cd5a7ae8db6b5e786970236e750771aaa78195
SSDEEP

12288:2ShJHSa3KXX8GP61c8yfkbWbPpgWnOz3qday5DsB1Xg0MBPYi8lC8aA:LfKqK8ygYml3qwmsBeBPYzC4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New Purchase Order.exe

Files

New Purchase Order.rar
.rar
New Purchase Order.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ