09032024_1016_08032024_PO No N1941622[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09032024_1016_08032024_PO No N1941622.rar
Size

749KB
MD5

c347fcdb6d50233468524460bae33da4
SHA1

422dcc856d16c8c00de2e892f041febb80c6e1f9
SHA256

e7f8131bbae5924ef7b86e3be050039e25098b00061d1a34cd4e8ca40944986a
SHA512

8f05521b9bc9824aa4146a1f435bbf09551c0a6018de3dd983db8b091010e9f1e4c7d4d41b5601deb32a808d2fff17c6240ad4bb5414986126fa5b27aa0986b4
SSDEEP

12288:NmBdkZDwhWq4LXx7i7buibERMy34tPDTnIPVmHpAAxcj717LoqfSU6zVpTyd9k:NmBxL4DqbuibERQN0lzVLb6zf2bk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO No N1941622/PO No N1941622.bat

Files

09032024_1016_08032024_PO No N1941622.rar
.rar

Password: infected
PO No N1941622/PO No N1941622.bat
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EIPg.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ