22112023_1847_PO 876_1057[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22112023_1847_PO 876_1057.zip
Size

608KB
MD5

ba35c0f4d65f14ce24ab12a4e70a671f
SHA1

d7f1e3bde48acc1f6ece7df5658ce207a5ec5558
SHA256

a018691e71709da8bbfd459988ae754bfbcf9cc0fb8d6d58f985993c542e0dd8
SHA512

d0cb9c94a719b856aa217119060e116ac68da327897fe7a83dd08d7bc527209fb6bb4768fd5f37412a96a23e7f20cc47d1c9cb29c32a7a8e88faf54d567eed81
SSDEEP

12288:l3O2RpVDfjeU/jM0WzejdkUet+Szly0NYT6RYikV:jRbL3/AdzejdFet1zE0NYT6RNkV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO 876-1057.exe

Files

22112023_1847_PO 876_1057.zip
.zip

Password: infected
PO 876-1057.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 719KB - Virtual size: 719KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ