Repeat Order 013124[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Repeat Order 013124.exe
Size

944KB
MD5

8ef0d716336dd7c16a78a32f3554e192
SHA1

34ea0d99555d99fc127b1b9bcd94e18f490b7dc7
SHA256

51c95e12d8dcab7607fd6d5a2bbd4d524ebf7797e6857d6ec25f257c67d9b465
SHA512

113752cfc63548b1ea6d318038f6c5bb1a651cad9ead5dd187edef4c5df66b9c2dd5a9ee79dda4e708275c75483d82d63f10e6fb6cac970b73ebfc87e8a71727
SSDEEP

24576:c8bshOXcTbiQY99eNpjIs12aSngvamxOvWsYg7:3bMTuQY9wHIO2XngylWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Repeat Order 013124.exe

Files

Repeat Order 013124.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

hlFY.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 941KB - Virtual size: 941KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ