8ef546bf-854d-4caf-bb01-b62dc1c006f3[.]arj | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ef546bf-854d-4caf-bb01-b62dc1c006f3.arj
Size

522KB
MD5

941a20e25a593703b21e4b556a1ef470
SHA1

8dd24222cde84ed6ea18032eff14f4ed9d0c5e5e
SHA256

f0c823e46f466655a5885549ac32b82e7ba580a78e1763bbec354a4a068b74f9
SHA512

1a9d465b21967aedebbc9a0c2e19a4ed9ca49521a07c6b8e46fed686370c83f818723842d3872c5ba026346125400a8096ca6422784a104482565aa455f174e0
SSDEEP

12288:8EF5/bPk45NIIpCHpomf8NbIetSAzOwqRzQHsFGr01c99R3:z5/o45NSf82wLqRkMEsc99R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shipping Documents.Pdf.exe

Files

8ef546bf-854d-4caf-bb01-b62dc1c006f3.arj
.rar .ps1
Shipping Documents.Pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ