r414SHIPPINGORDERETC-0313SO6432TW102667003[.]scr | Triage

Sharing

Copy URL Twitter E-mail

General

Target

r414SHIPPINGORDERETC-0313SO6432TW102667003.scr
Size

445KB
MD5

40e7f9319d64559c2bc3ab6595f419f3
SHA1

4f5da8030b4dcc5774d7e8bd967614e77510dfb1
SHA256

6dd41bfc65feff17a243f97340729b3472f519c1029127c5e9fee03bafcde338
SHA512

bd35b27bf7b59d86d7d5eed1854d9b365decb4a56f60eb53364dc9c65a0cd3350b67b6b4580a64f231166267d987aa0654ed043f0ce97e94d1bd8015a03187c5
SSDEEP

12288:hkvq31eoWDu5ysKCxGSY1gMGYkR2mf62q4KkrkDFAdq:heqFCu5VKsm1gMGYHmiWkDFAY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
r414SHIPPINGORDERETC-0313SO6432TW102667003.scr

Files

r414SHIPPINGORDERETC-0313SO6432TW102667003.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rpUB.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ