24102023_1632_24102023_PO8687[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24102023_1632_24102023_PO8687.zip
Size

621KB
MD5

db65d277a3f2141d010b4b099459b0df
SHA1

c551237a5f213ebc9cc8619f9fda1d148ca44125
SHA256

39292ee98e42a063b2102637d38891e7766c3f5336274e87a843beb43b68022e
SHA512

ceb841a76dac3aa32b6f3a43b879f6a412b4ff9bd8b1125ba5f9e3dc8b2f30005f50b1d114d5fb9635e46cd120e1a1c97496b8e66c58ddbae1100035fc9bacbb
SSDEEP

12288:hbCTWN5P7HuZeeQZq+bPiK9bzMl+v3cIt5LDL3XqYBl7Ef1ZJbB2xfORaF:hbEeZ1cl+RnDXqYBlwtBgF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO8687.exe

Files

24102023_1632_24102023_PO8687.zip
.zip

Password: infected
PO8687.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ