Purchase Order # 4001[.]exe | Triage

Sharing

General

Target

Purchase Order # 4001.exe
Size

775KB
MD5

86b73bbcfe5826241d7d19c3bff0b75e
SHA1

6b49867bcc04b4d3735fa426c747a5e1925981dc
SHA256

7d9ffe4901d60bd70a17d7b507820f79f67ce33ed933bc6c109fdb1096429570
SHA512

18a2dc7f591218ec1a23dd2eb1538a288fdee0fd955a331c842e580aac2872811f3b3ea42233ac2c83cfaaa3d3356d360403bba8b20534398ac25df8ccce4a14
SSDEEP

12288:22iNMyiRJU/WcOkSCn8COOxBPIL0Nww1vVKG5BSso7Jca3:21FFeBkSO8cBPA0wwKuBhYOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Purchase Order # 4001.exe

Files

Purchase Order # 4001.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ