0d8521101241b018f3808c8284bf32d1 | Triage

Sharing

General

Target

0d8521101241b018f3808c8284bf32d1
Size

2.0MB
MD5

0d8521101241b018f3808c8284bf32d1
SHA1

11e2cb49f3f0d0ea2b55500e51dbc7e063409ae6
SHA256

c725f6a89d08c9a7895c6f096f114ea670c069a9c047783fb2a73f24b27679fd
SHA512

84d0fb4c5b128a7b4d24a8b2b16dd19ed8bffc9a26b457450caab3885d9bfd4ddf34e9c56b3fff4c25c4d492c540d0f868480b7030e978c1699ac338c56714af
SSDEEP

49152:GoTX3fGp+6gg8oMrpJvTrPyBhcLdViPoZqdWS8/VI4rlwV:LTnfGp+6eFtTrPyjWiP1dHkm+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/FedEx shipment.exe

Files

0d8521101241b018f3808c8284bf32d1
.ace .ps1 polyglot
out.ace
.ace .ps1 polyglot
FedEx shipment.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ