b1e364b7fc6c15e7d83bc2b34a956b1dd2a7b4efc1a5c061778719730831e14e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1e364b7fc6c15e7d83bc2b34a956b1dd2a7b4efc1a5c061778719730831e14e
Size

1.4MB
MD5

cf979a61aa4185c2e124a25ea09453ef
SHA1

0ae3670e167149a5d05887de6853d1c43fb4e341
SHA256

b1e364b7fc6c15e7d83bc2b34a956b1dd2a7b4efc1a5c061778719730831e14e
SHA512

290c27300c82c57a4e6a524ca83cb6554f1913dad7698465e3360f338fa7092052009ac6d04e3d54ce4fbf0b036cd54d4599ba1cbda6ad2a82d8196abfe6735d
SSDEEP

12288:tXUVUzXpTsOgBK8XFTVvYBnJHaDm5SJD/g7ZIOVdr:LXpmYcTVvYJJ6DoSB/1OV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Shipping Receipt.exe

Files

b1e364b7fc6c15e7d83bc2b34a956b1dd2a7b4efc1a5c061778719730831e14e
.iso
out.iso
.iso
Shipping Receipt.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 819KB - Virtual size: 818KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ