1f1628d66f03ac53d358a3bc78862fd9d51aaa134b88412cf151ae5b2feb57b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f1628d66f03ac53d358a3bc78862fd9d51aaa134b88412cf151ae5b2feb57b9
Size

615KB
MD5

7bc799a2b76b6498c85b451c8c35daf5
SHA1

c7627a0d0d9c0ca72cb212392aa3630ddb2bcb44
SHA256

1f1628d66f03ac53d358a3bc78862fd9d51aaa134b88412cf151ae5b2feb57b9
SHA512

6745fd7972df23e834305bcc108c26bade54cecf24076503e52f6faa5c2a62d5712d8d1764b90bc616f301f63f6742f17fef966c8326e08bad5a29c46a0c6797
SSDEEP

12288:Qkfo1Pk5EbASS5szjDrDoJKpm46KI9h8V1ZWzQkp8L1TU0:hyk5EbiszrDoJKpmZKg67WH8L1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/quickbook_payment_for-Invoice-xls.exe

Files

1f1628d66f03ac53d358a3bc78862fd9d51aaa134b88412cf151ae5b2feb57b9
.zip
quickbook_payment_for-Invoice-xls.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ