Equipments Inquiry[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Equipments Inquiry.zip
Size

588KB
MD5

582bc9d7ea7450add2dc8501268995e4
SHA1

214c433f1e64068df15da81c7c2288d95102ac16
SHA256

47487e1cacb51854c5ef476c3bf4793b9d5b2949ac840e5d0b57ebb3e479cf3a
SHA512

431a7f64de93e072e72faa4db294ca0451fd1bd77cc153f6a9ff4cd285fd4541f8cf909387be3ccb1364af90700f46d8860545254761dfa2f5cc489697aec474
SSDEEP

12288:N626CoIsUkCTUPDN0GO6k+jQIStxUwB3CEFWgw1DjX8oJIsgj+bL/DJH:N626CoIxTUbNO6k+cIStxUaq3X8OHgqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Equipments Inquiry.exe

Files

Equipments Inquiry.zip
.zip
Equipments Inquiry.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ