d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95.zip
Size

552KB
MD5

f1fa4a41d9eb39ea6f3570cf8764dcf5
SHA1

02fb1ab81695910a23ca19584da8161b94415ff2
SHA256

d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95
SHA512

bbe285f5ebc70a72459ee72ef3c19b700007ae683366c334ce44cd4af2323b26c6a507b230849995ed69551affee8ca36d513324df5198da32f26b27f7d48d71
SSDEEP

12288:pCwPwWOy8fWfQkOYgYyanYlo9jbc8cwXf+y/rcI49y2c:pjPQOfDvYlo9jfcwXfFrX4M2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/open-order#456789.exe

Files

d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95.zip
.zip
open-order#456789.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ