ad961fc4b4e66ae5d9d43b997cb4deaae074d8235d818ffb3f193bc3397494b3[.]7z | Triage

Sharing

General

Target

ad961fc4b4e66ae5d9d43b997cb4deaae074d8235d818ffb3f193bc3397494b3.7z
Size

813KB
MD5

d7ba07d8f2713c1281611e816d4330e0
SHA1

52ae4f532e1a93ac482637524a4415ce559e7755
SHA256

ad961fc4b4e66ae5d9d43b997cb4deaae074d8235d818ffb3f193bc3397494b3
SHA512

a38f0b1d9335a12f7fac0fdbff6a5e65073f618f6cc1e361c920c639560ce7f36a9ba36651290133654c889fa394e04a102370fd2b5fba2f5f366cc5041ed9d7
SSDEEP

24576:HuhyLqOR9YyujvpuMlimePHQwQT/yoF5vA4kWVQ63wO:22q6Y5jvgYibPwwQT/yWvA4kC3wO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Booking_BK24-000288_19_Apr_2410_52_34 AM.exe

Files

ad961fc4b4e66ae5d9d43b997cb4deaae074d8235d818ffb3f193bc3397494b3.7z
.7z
Booking_BK24-000288_19_Apr_2410_52_34 AM.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DTVwB.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1006KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ