INQ[.]zip | Triage

Sharing

General

Target

INQ.zip
Size

838KB
MD5

d87e15f0c6ee8c903be7183ef177c8c1
SHA1

888141add98970eac85dbcd1b87bf2510797ac86
SHA256

7b77d58834007e2b1baf6fca2ab6ff31350228b364e199d9648e87651fd84ba8
SHA512

df16cb86bcac6e9e436592c03fc8e67fea90508e43e21adff358637c0ae912abffd0547dd4e2cec106a1cd821a68605fed062bdeb82066cc5f0f8e6f1c637213
SSDEEP

24576:Qv9JE9OKGuJzEFvof8nnsMftK0myr0hc6DG8Xiq0:QVYxGdS8nsMV0/iq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/ORDER_INQUIRY.exe_

Files

INQ.zip
.zip

Password: infected
ORDER_INQUIRY.exe_
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CPgXbbWne.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 867KB - Virtual size: 866KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ