TCP99001110809[.]xlsx[.]exe | Triage

Sharing

General

Target

TCP99001110809.xlsx.exe
Size

871KB
MD5

d8784f1741f6b23b4d54cd3491c6a647
SHA1

8ff2a147857e62a852abaaf646f78415faabd768
SHA256

67222bd90963f902c0c643a0e7bcc6f64d5fa4bc203bed774981c03f91168c31
SHA512

495d0f0d6169a81b01fdf9a22d4b59ee373aa2909a4b6d5dc481d26d0447fab45a3aec00f03053c71e926f63a200be9d485af50cd86a3d375334a75f3be22b1d
SSDEEP

12288:d1PDog+IKBUb0M9uoG6x3b8CrP+K7joANj4rIL4DXNa+TMdWlqTj118:8IgMMobx3b8S1HVNMrdXxTCTj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TCP99001110809.xlsx.exe

Files

TCP99001110809.xlsx.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 854KB - Virtual size: 853KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ