Ship Particulars[.]exe | Triage

Sharing

General

Target

Ship Particulars.exe
Size

510KB
MD5

6debaa51d662e09d78813d4b6c6bb8ca
SHA1

323956d6dbf48dec9006960f8f700fe388d059e0
SHA256

51f20a43fbc4b4583e43fc6f60200093897653f43e16737ea1ddee9e6ddbc370
SHA512

2d10d8016f93e0571f6b0a5e4e1b51d85d47b58fb0f3acf256f86eece9ef4a9276a7f7959b123cea15fb1974bc48684c1e67f13a65cd2b01dc0f75e6f15e247b
SSDEEP

12288:dYVofpHdcC/KHY3b3m+6p+ydJKnjI42LGUVNLT:2apC6K43b3j8HIy1rLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ship Particulars.exe

Files

Ship Particulars.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ