0caeede0ee9b597823c03af4c06a139c[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0caeede0ee9b597823c03af4c06a139c.zip
Size

774KB
MD5

0caeede0ee9b597823c03af4c06a139c
SHA1

0cd954dc30c08e4b05c79967bc950e1729b7af8a
SHA256

5526626d6c51b9056c5e143b17975fce5495c9ffda0744c74767b232b1239eae
SHA512

c3b3f8bb5dbd2fb40d754b68c86e9702fce34eec3ab9f1f0efd1844df0936bdbc4623a4fac36a16e79059af41e17513e1047443057e06936180c8e1575064095
SSDEEP

24576:GXfiAzBJrrt4o02ahQDKU9g3hemnGoDi+:wfdz3rrtH0F6Wd3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/Order.exe

Files

0caeede0ee9b597823c03af4c06a139c.zip
.zip

Password: infected
15185de67b35930c775acc329c4c26a9fdc85dcc082be0404a73a5f331202032
.eml
Order.raj
.rar
Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1017KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
email-html-1.txt
.html