09102023_2017_09082023_MSC_Number (Booking number4AD69200IN4)[.]arj

General

Target

09102023_2017_09082023_MSC_Number (Booking number4AD69200IN4).arj
Size

691KB
MD5

827b82811be3025dd784d43ef863d521
SHA1

b1dd4b8765653125752b5edf15404c80803164aa
SHA256

d259ce696c647845521bcfbcfd94a0484ce66b78e6d39709e605d4913a1848bb
SHA512

e511cef62e89c6c346bb68098c4ca9ddc4446d9807964d4e9765c5b7cf79928dddc2c4589fc899455d1fad4abcc422ff1872cf57ce780fce45eb2e0b3d35c3bd
SSDEEP

12288:5G5KUDDsLKNjYbCKSggGmY4OA4sXTnn1Nkd04pOoP5c5hyH7:6jfsONjWCKSggGJYjn1id04j5cvyb

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MSC_Number (Booking number4AD69200IN4)_xlsx.exe

09102023_2017_09082023_MSC_Number (Booking number4AD69200IN4).arj
.rar

Password: infected
MSC_Number (Booking number4AD69200IN4)_xlsx.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 991KB - Virtual size: 990KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ