d4bc71634e725c054c8223bb49787362ad0f2680c75e29b2729ebfaa5e43a20b | Triage

Sharing

General

Target

d4bc71634e725c054c8223bb49787362ad0f2680c75e29b2729ebfaa5e43a20b
Size

793KB
MD5

9c23af8d899d66f8919b92ae2a5bdb9f
SHA1

e61ca85331ad688cc033c8336aee47f1f59253d8
SHA256

d4bc71634e725c054c8223bb49787362ad0f2680c75e29b2729ebfaa5e43a20b
SHA512

86b32b1b13927d70e01782c28e77cb0ab2107bd6f517c2d82e5391eddfc81a066c083b26c5adea0cba61620e862f18073424e451cc7adb961bbafd650d903438
SSDEEP

24576:dNWuZHUl7y05JYDBDJrZ0YKva6WJFJiOSO2:TJZHLB1rCfsbiXO2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PROMAR TRADING COMPANY.exe

Files

d4bc71634e725c054c8223bb49787362ad0f2680c75e29b2729ebfaa5e43a20b
.zip
PROMAR TRADING COMPANY.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 969KB - Virtual size: 969KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ