PURCHASE ORDER _ 000987-0064 GR_Pdf[.]tar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PURCHASE ORDER _ 000987-0064 GR_Pdf.tar
Size

349KB
MD5

e7eab977e375ac0b7c6cd93c7d3bd9b4
SHA1

8806e691b3f0cdc66ae8a845d720d8dcc6a74570
SHA256

9ad2e42b6cc832a542f35b3787c5f7d62678ecceff0e0f513091090fda1ab3cd
SHA512

6e2e2fca94f209bc62c85763762e562ae39abc2ff9b8c69b68e314e20f9fcd85a30daa69d01d575f97eab71c072e29b07b72a87b48447f00b49e7f99f9f8c035
SSDEEP

6144:7lKShFO7/Jvujzt2w+xsHw3QPB9xA5Nw6RqiF/4qQUq4gtPzCvlG8/3xPPkoo0IN:7YSFqJczx1Q3QPB9p6Rqi2qQUq3tGv1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SSSH.exe

Files

PURCHASE ORDER _ 000987-0064 GR_Pdf.tar
.tar
SSSH.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ