z1NewORDER[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

z1NewORDER.exe
Size

859KB
MD5

665206ce0d063ff55f180b508984f626
SHA1

9a45d2da9d8dfd9bceb9e645b8ab85621142ce8d
SHA256

63e6f72454c13a1384aaf3eb5808a8e886bd0fa100ffe633d5d27ae24c5bc1ac
SHA512

868a3401ec9965f8fa544cc1074fb7515d008c4e16797e6a368f9fbbad9c03ee275020b6c96c9491b5ec4ef56bb7172addad280424679320d555717350f1fee4
SSDEEP

24576:8HZ0Iipx4Rll0rDrxxv80W12gsM20GYfpBhtD/:oZ5G4bl0M0WUgsdY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
z1NewORDER.exe

Files

z1NewORDER.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ