04be2382458dc42e75f440d1bde7065b[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04be2382458dc42e75f440d1bde7065b.rar
Size

455KB
MD5

04be2382458dc42e75f440d1bde7065b
SHA1

71440eba3406f7d4cfeda18db51aae8bd0ca7390
SHA256

0e0bc4b35abdcb24d188d891bb687510462292d5e813ea24e08a1e902c6a8fa1
SHA512

f8bce7015e482f5a80729e35b2a329c1ba1fb2b8d62fff7ee6edc7878a787ec067c0496c06228d78f99e3e6ea4f44b87f5f9a9a9879e0a30ea1178af27853dfe
SSDEEP

12288:gIz/KQbL8NBLiy7Z4/ntFkm00HwttVIxqQljlnLMgN2ExG:4QbL8bZWMP8oVWq6nLMr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase Order.exe

Files

04be2382458dc42e75f440d1bde7065b.rar
.rar
Purchase Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ