Shipping Documents[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Shipping Documents.rar
Size

614KB
MD5

334378e6032ad77cdb102da22d8177ce
SHA1

8affcca7dd665f65abc119bd484bb46f98612982
SHA256

e32e777b841e789819ef108d993cd56c4dd5906ee71d735e85574966207947c4
SHA512

7557cc76d204f800a4bb2e983083d3d877751525fcfa4ee070c9bb42fde19d80b36944ac27e2c336d8187652d63d4dec0fb35fd95319d4501d23d8c73289da88
SSDEEP

12288:RRM4+ONIzczb6/OP1LFci9MUy06usYXYMMgHN4mZ2aSyQvB9oDlpdU:RRM4+ON1QOP1LSIMUOusYoyJ25yQvTKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shipping Documents.exe

Files

Shipping Documents.rar
.rar
Shipping Documents.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ