PROFORMA ORDER 03452[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PROFORMA ORDER 03452.zip
Size

785KB
MD5

61f0652496ab960d2159548c529b57bf
SHA1

287d221f54934df34123ff35d6e52e5fcdf1cb5e
SHA256

a3147f2fadb107a64402cbca210dc818255c9eb39b348a0384678360ae2d49a1
SHA512

04c0e31acc53fda14698be87edc5004ca5521ef6cd2ba47493410f0a00f27c93e98d3152712a40939a1ddf7343e0efa83bae31b08b8e14ae5d8562894e7b82ba
SSDEEP

24576:wkncef3wlGc3YMdrFajAzFsmWeLTexrux7OSjA:D1g3312j2FsVwixix98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PROFORMA ORDER 03452.exe

Files

PROFORMA ORDER 03452.zip
.zip
PROFORMA ORDER 03452.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 646KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ