INV[.]0817, 0823 & 0915[.]exe | Triage

Sharing

General

Target

INV.0817, 0823 & 0915.exe
Size

951KB
MD5

8d339860222982467bb0d51356e2a3c3
SHA1

dcec9f0a59185ea2d2ada0a791c245ccf8b0cd1b
SHA256

453859768f0e0fbf29700f3212b5072d0914cba8c1b79e775bb745297eb9081f
SHA512

17d5472ef09ebdeeae899263e7ddc71224307c3f49bb67d31d4830c2b508cd72dc4d5860d3eaaf046d270ef484228b797ea3a3649f142f15ca93b76ea648387c
SSDEEP

12288:ntHY6rD6Cb4xDTtu5dnVCS5QC0esTmAkry/830IYdSnoclEna8ChHkb5Uxr:uYDrMU5FVPvzgWy/8kldSnjhLFkb5UF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
INV.0817, 0823 & 0915.exe

Files

INV.0817, 0823 & 0915.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ