Fwd Shipment Arrival Notification of 772165397672[.]rar | Triage

Sharing

General

Target

Fwd Shipment Arrival Notification of 772165397672.rar
Size

660KB
MD5

22cd4b57176253afb3a21a8125691393
SHA1

b44a5ddd22c4029a8032c227cf2ed02125b6dbb7
SHA256

c8e8ec4644a64a23dc4d77aa42f20015e3acc28c685365029018f4e1514a07bd
SHA512

4140096ee95c551742694622718e8545b9bc06207af6d957ac1a6dd42ca993da74f227bf98846d637a3d7787ae7ebcb80319ace81197b87a90c90dc0a81358a7
SSDEEP

12288:EsnB/erJcM/kIFHB9PrLvzk1PqvwbmtdNBXYlSx0mAhTKCX:EssuM/kINB9PnI1yYbudboI0mGT1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Fwd Shipment Arrival Notification of 772165397672.exe

Files

Fwd Shipment Arrival Notification of 772165397672.rar
.rar
Fwd Shipment Arrival Notification of 772165397672.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 758KB - Virtual size: 757KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ