a981d86b14c7730a21e3e65ee82bfa68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a981d86b14c7730a21e3e65ee82bfa68
Size

635KB
MD5

a981d86b14c7730a21e3e65ee82bfa68
SHA1

cc4d604c0a770e11eb2e96721266db67806482ab
SHA256

64d594586df187a418067a8f90f57244a543f2a32c5736412b89348254de84cb
SHA512

fd01d79a92cbf695081f088b89cadf180405c768e67409e09941b28df6cfef88cb5e62f1cd84419f58e9513b517c728c789ed79d15c8e4a13cb00ca643bbad6f
SSDEEP

12288:oLh4i8ZubYVOwFG1iRg38negOiV7V381YyMOkypdJXizVtS9VzYJNRajt:oLh4jZVOwFG1IegOat815M6ijK8JqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PVCbiDUqly50DqS.exe

Files

a981d86b14c7730a21e3e65ee82bfa68
.eml
- http://www.turcomp.com/
RFQ for ANGSI LWWT.rar
.rar
PVCbiDUqly50DqS.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 639KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-2.txt
.html
email-plain-1.txt
image.png
.png