PO439 Enquiry[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO439 Enquiry.zip
Size

625KB
MD5

e118c380a2f2245ab6e3affef9bb8547
SHA1

0fa063133a50c1bf2fb9d9c37a2d69859c1a5363
SHA256

64f5053d65126a4df7f1a80b72c580e09695502a42d7ca7445601170ca845771
SHA512

51f6568e869cd9cf8c88323097a11f74eb6730e3f78140e33fa524d3b62af6098a989bddb2956fa22c3e1e0b5554a82ab2f8b0cb21bc23b5bd51c6313b9483ad
SSDEEP

12288:L4Z7opJ8DsCQnE0xZrfI01qF0FTByVphSAfgwprf2B44pHFwBMCmAQx6:LIMAF0xfIMqFcTBerfJ12B4olR2Qx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO439 Enquiry.exe

Files

PO439 Enquiry.zip
.zip
PO439 Enquiry.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

abai.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 694KB - Virtual size: 693KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ