52a2408a4380249585956603853168f24f38221afed4c3bd418d46fdb5810cf2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52a2408a4380249585956603853168f24f38221afed4c3bd418d46fdb5810cf2
Size

578KB
MD5

6c9ab7a8d3d0898b8eeb58d53bf9f660
SHA1

7e901d385ab851a9f45b5ab9ec2054b6bb2fc9b2
SHA256

52a2408a4380249585956603853168f24f38221afed4c3bd418d46fdb5810cf2
SHA512

1a541d246707e0c2e8de97983f7e85358e0958ff8cf89dc1a9f6d0257978434a456cc927ade9e8caada435e9d129910232d126fe91ecd962b53e3d9858e903d9
SSDEEP

12288:zWwwDM42r5KHFOqvLIJnPV1sHqO4KmX7ZOzHjDMm7kWW:0z2d2O6LcDyqLXKHjDn7kx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PURCHASE ORDERPOmt1904069_1.exe

Files

52a2408a4380249585956603853168f24f38221afed4c3bd418d46fdb5810cf2
.rar
PURCHASE ORDERPOmt1904069_1.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ