PurchaseOrder[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PurchaseOrder.exe
Size

991KB
MD5

7f34f396c23c89adf6c24092553d37ad
SHA1

2a1f3891876c7a1faae11986d8861ad953447850
SHA256

ebb3a5afeb6a34fd0ca7e4ee234a04f66de5b7a38fbc4171ff5e8bcaeec8e100
SHA512

3afe1ca8ff06cbdf62383f5dbb3ff1c0eb00f9ac5f608ba0a72290c5b8a76d7b63aff388f5fd2c6c8dbacf92d3445407a97b1457beb7237b43d381a3db2b4bf7
SSDEEP

24576:sh1sHVJwxIM6k8ZMhvlb3QAae3QOoE4m7xhABW1ZO:sSVKxv6k4uTDAOohm77vO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PurchaseOrder.exe

Files

PurchaseOrder.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 983KB - Virtual size: 983KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ