PURCHASE SPECIFICATION-5031123[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PURCHASE SPECIFICATION-5031123.exe
Size

911KB
MD5

cb71b7d9b87d50dd4b36bfbedfee1020
SHA1

b65ceb1345a04fc0d575bfd26272027dd47bfc55
SHA256

0b750ad0c83a788817b6196db8f488a5a3ae9e91ab329bae7f54c834c62ab238
SHA512

3a5cfed2e4bb53c2b082595dc3bee50d94815a7edfc7966106f20285c57d4d6540412100a9073f52092e7a2f1b7e74cdf46c4c4847e56477490487b143be88ae
SSDEEP

12288:OVsQ3KwLnWnskCIwZzoxOGmlIdVM2RVgBcTyOYEIEESCn5lZgaREILCVxYHLn:bQ3VLBDzhGmlAM2b7XnESC5sWJUmHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PURCHASE SPECIFICATION-5031123.exe

Files

PURCHASE SPECIFICATION-5031123.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ