29f77e16d491110cdd7d6525f0792df6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29f77e16d491110cdd7d6525f0792df6
Size

762KB
MD5

29f77e16d491110cdd7d6525f0792df6
SHA1

09fa6627c5719a8be3e240500aa5701f6bf256c5
SHA256

857582c511ec774aad97d60aed48fdb084d3706911152b963dea7cabf878070a
SHA512

ae5fc18ace722a61e0eb9c0ffd53dbaae3a6253223800b152fc89eabcb8e70557466171921de0637bcb05761319f812d0ab6f26c32cb2bbae7e68ac2608f32d8
SSDEEP

12288:F4tIuMDUbl7MrVbYEAIVKOGo0/MHC4b+MRaxW9sSe8qdcbxA1ICh5AeGh8Lgyj8p:mlMDwaxAhXQQGD91xA1jAeDAp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/pedido072821.exe

Files

29f77e16d491110cdd7d6525f0792df6
.eml
- http://esp.sika.com
email-html-2.txt
.html
email-plain-1.txt
noname
.png
pedido072821.rar
.rar
pedido072821.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ