21112023_2205_21112023_Purchase Order Document_II[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21112023_2205_21112023_Purchase Order Document_II.rar
Size

110KB
MD5

be562e220ecbe635929ea53ab2e5b420
SHA1

54c088e96e3e7d03061975b617701ef99667d268
SHA256

14153b045d0a4286b0af2a369d7e10663d97f54639c1a43ea9a9ff5498fe3aa7
SHA512

8cafc681155854de6e7977c5a176c395ea1448f3256d126336363a492e893240e3a161e0655eb1636b42c344435b3d5a212ab04a0057d97044ba2e21b252ae0a
SSDEEP

3072:55r+czpIyf4jE56hZ4GQc+4dsOEHo9AE8tpU:5hBXQjqSZ1I+BE0AU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Purchase Order Document.exe

Files

21112023_2205_21112023_Purchase Order Document_II.rar
.rar

Password: user@123
Purchase Order Document.rar
.rar

Password: user@123
Purchase Order Document.exe
.exe windows:4 windows x64 arch:x64

Password: user@123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ