b036b7794c69e6bf23a04f4c1c3c1130e7b8093c5b235e8a4de9f3f979ad8607 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b036b7794c69e6bf23a04f4c1c3c1130e7b8093c5b235e8a4de9f3f979ad8607
Size

613KB
MD5

212824838db3bb8618fd51a6a2b2a1cc
SHA1

8997113d1d0736f14e4c1a378eeae22b88c5a935
SHA256

b036b7794c69e6bf23a04f4c1c3c1130e7b8093c5b235e8a4de9f3f979ad8607
SHA512

a03d1f32dd13c3acdbf780be4ebb759e1d139966c34e88f8e51c9a8b3a19b79cd5cca60096a44f7a8e3d30e72545fdff10d8718a233637dc66303b5406d55917
SSDEEP

12288:nsnvEKQIN4n9OQgFOTQxGZLIDXZc4qkmHl5u+cLh0SIs7t:njRnUmTQwLMpcmmjubLNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Air booking form + Invoice + Packing List.exe

Files

b036b7794c69e6bf23a04f4c1c3c1130e7b8093c5b235e8a4de9f3f979ad8607
.zip
Air booking form + Invoice + Packing List.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 634KB - Virtual size: 634KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ