purchase order[.]z | Triage

Sharing

General

Target

purchase order.z
Size

634KB
MD5

14f81dd4f8d52e284d3a5d17f0c3cbae
SHA1

ad5c1e31f9a94d4a48d6f398a823da525517c84c
SHA256

d13bcc852f97c7ecfb1106741051a7a24657a73cb32d717cbda8036f5acd1bb1
SHA512

4f8e9e0ffcf9e85f2d607c048ad38773804da63e9d4f38c621d825a2074c5716ca7b6f6ea1ac5feba6a04c46f76daff4c3fc2db422a0a904990c0519f70d0cba
SSDEEP

12288:GQgh82HkGs4RDCx9exTMYv6KPhOu+C1B8PmBWeAAy0HvJr5:HgTHk34R+9IMYv1qC1B+mUZA1J9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/purchase order..exe

Files

purchase order.z
.rar
purchase order..exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

UFLBOzA.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ