Transfer Request Form & PI-825073[.]img | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Transfer Request Form & PI-825073.img
Size

1.2MB
MD5

700a1fe5590941177f890bca659422a9
SHA1

6ef1f4cdfecc8b18a45fadddff45cc94d6a0f1c3
SHA256

9a7afed30f238a7fb1a3c21f9ac6b66415df243c4f61463e8d5aa1fd4f67e3cd
SHA512

348ba8f3916f2096360e52d7d0796d77f146036a1f69759570f8cda95c3d7510e1fa196aebb25e3bc1fd5e090ce3de0fac692775f0db6000cbe7aa70744db5cf
SSDEEP

12288:buXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXcXXXXXXXXAXXXXXXXXXXXXXXub3FM7Hu:bF3+KFaM+5C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TRANSFER.EXE

Files

Transfer Request Form & PI-825073.img
.iso
TRANSFER.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ