Quotation - HDPE Fittings[.]rar | Triage

Sharing

General

Target

Quotation - HDPE Fittings.rar
Size

634KB
MD5

7375bb704bd5f629d65d0d65d6866254
SHA1

4078912290a256755f5d9f475141056499b9e755
SHA256

5b613734e447fc4f4905676fe530a1196c7292d410e5d88496c39ee10c2cfbef
SHA512

efca5a01f3a7a0fe9ca2cee2a4808cbd5dbdb8516c60c48c7dd1aa65b360d3238934b67f149b3a1c728c34c6b56703cbf3c2494c81417df527ed7eb43d767bc8
SSDEEP

12288:3eceY+6d88LlSEuJCkh/6FXIQMSaaSAN0lac4oaOFTO5mbu:ucv8OlEYkhyFXIQMSaaSA+arAp1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Quotation - HDPE Fittings.exe

Files

Quotation - HDPE Fittings.rar
.rar
Quotation - HDPE Fittings.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CZUl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ