de47dc3211a804a39c03c4f646ca0f0b1d95c092a0cad1e61db9196394613beb[.]zip | Triage

Sharing

General

Target

de47dc3211a804a39c03c4f646ca0f0b1d95c092a0cad1e61db9196394613beb.zip
Size

665KB
MD5

eaa65962797ce68df837f88961ac895a
SHA1

4af5bd05af2504ad0f48257c46240f63b485c9a9
SHA256

de47dc3211a804a39c03c4f646ca0f0b1d95c092a0cad1e61db9196394613beb
SHA512

e62d0694a8d405a3b3e90416481639429b3a4003b64da85086d0940a14eb402f1a4570673e55c508e3c24426f9eda0425486c32d2a017618340c29d9c0e893da
SSDEEP

12288:aTblyisDArPEvjzxFNdeFFTiHjwHhvOxZP+mIfk40Xjqyk/iDDMnS:aHcBDQPYneniUBWvIfkRmViEnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/NEW ORDER -RA2000000056.exe

Files

de47dc3211a804a39c03c4f646ca0f0b1d95c092a0cad1e61db9196394613beb.zip
.zip
NEW ORDER -RA2000000056.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

UaLB.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 724KB - Virtual size: 723KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ