ORDER[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ORDER.zip
Size

490KB
MD5

9ff617c3b33f55feaa46c9373c018119
SHA1

14f90b46e38eba59be48f2ca9f0a6d742999a9f3
SHA256

2d0c195cad42c20024600cfa6643a66c7dfe17ec96cc5f36bddb3b48f53ba0ea
SHA512

cdd5002c2d541321363a1bbdd2b52dd78b9fef02e521ebea1abf83da32e226405b7154cae97bfbd2f125470112874ee0578419af8c506fda718728917b3f0864
SSDEEP

12288:ggPMxE9oE6p7+wDr6jaGeb9COKGAdibs67Rj4S9OqgLY:guMx0f6R3Dr6jqpCmAAbl7RYLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ORDER.exe

Files

ORDER.zip
.zip
ORDER.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ