87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f[.]gz | Triage

Sharing

General

Target

87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f.gz
Size

958KB
MD5

548c8b9d3c2173a948ef8e8f634bf926
SHA1

97cdb194570053b259945d956e1ab5b61f7210f8
SHA256

87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f
SHA512

550ba0c3f47001d5c9b56254045bd8ece71e7154dbeb90c67a7e464c1278c8e0f0a65cba856f18cc1a299e8701645e130e2e65bb9729041ceaeed39a51ca2428
SSDEEP

24576:ww2WNz0Rq8h/s/5PE3qo2XOFescJXF42q4dB:OWOxQ5oOOFyeodB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.bat

Files

87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f.gz
.gz
RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.bat
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dANQ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 972KB - Virtual size: 969KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ