PURCHASE ORDER 08222023[.]tgz | Triage

Sharing

General

Target

PURCHASE ORDER 08222023.tgz
Size

717KB
MD5

1f79079be88a8d53312eb75e61ce772f
SHA1

60ac791a65fe26cd715aa341d1032e293e3311c3
SHA256

2cc4c60208eae2362f9e6a63df85a338146fc3f449b52901e6c0de2ac23ebd84
SHA512

3a9a8404849d7d46e8ee20e1e91e4149ec436e1b28217302b65a57674eaac1ffa26d365fa0d45a72eba0ca8fa912c64485e9fd2cbdd3153ff88d3f7347b3d022
SSDEEP

3072:fE5iJCsUsp9NdwIAEc+LKh6/DkY2KwzVoC:fE5wCsp3ws3KykY2KqVB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PURCHASE ORDER 08222023.exe

Files

PURCHASE ORDER 08222023.tgz
.gz
sample
.tar
PURCHASE ORDER 08222023.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ