21112023_2211_20112023_Bestellung 23600566[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21112023_2211_20112023_Bestellung 23600566.rar
Size

461KB
MD5

122b60e1f2a1eb7a6fa6f2d9b53b49fb
SHA1

3a6f5eb52a36ec79e2cb3abb2be6a06798144599
SHA256

3ed1a0a03243cef621bc32a5d658b048dbc1a6d84e0f7e280430202da714ae6d
SHA512

aee373510fcc9d821293ec5d24ba706c45152df5144e803e6460a7c75a1d26d4c71f34df13304039f8a76f25165f8fa3e863b9657dd19587a034db450e48e55f
SSDEEP

12288:ZO/YFDAynEA6qBigWVgXu04lw/a+A0bbcHcO:I/Y7t3igWVgZgwSF0H2cO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bestellung 23600566.scr

Files

21112023_2211_20112023_Bestellung 23600566.rar
.rar

Password: infected
Bestellung 23600566.scr
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 646KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ