65cdb41456217689b81f665c2326cb421c9552efda18fe0a219f76518f70553f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65cdb41456217689b81f665c2326cb421c9552efda18fe0a219f76518f70553f
Size

649KB
MD5

48c693580768fb7a7a8b01499b4335d2
SHA1

5f87259b9352ea7c6579d12e640fbceb527825ac
SHA256

65cdb41456217689b81f665c2326cb421c9552efda18fe0a219f76518f70553f
SHA512

9fb5df455bd08f32d8801fff58113713f097bc15ef0796883798e2c649e2edce16d910df79eaa6bbc6a0e870f303c7af4d1eda13685e6aca82f27f882e72add1
SSDEEP

12288:9mgWlDhliKj0hhgiaVAIa/TpcwuZdhmjQVKfxRCeqY1eNSly+yZj:4gQcyVAIqTqjhWfxRoNthj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PURCHASE ORDER.exe

Files

65cdb41456217689b81f665c2326cb421c9552efda18fe0a219f76518f70553f
.zip
PURCHASE ORDER.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 661KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ