Novage New Purchase Order[.]7z | Triage

Sharing

General

Target

Novage New Purchase Order.7z
Size

365KB
MD5

4b58788393ed34d4b9451e48bffd1090
SHA1

7318f3389033ad0855454219eb488343a5726121
SHA256

eac92a3c12d89e77ea81e69f157c6d338ef67fc1cac500fe817a0091950da1b5
SHA512

7826a4e97d6a4e38e4f6e868132a1844da083e6822b1caaf09b2a3d17c4d49ee567e1789f6fe135933f01cf72b2da7d188d077f3438f1b9e2cbb9d019e0c85d0
SSDEEP

6144:2H/8ZyGgvEZ9+tS+y7i2niw0fIt4ApNkMW+jyyKNqdRYnIrgeRWrZ9E3rC6:2H/8Z9gvEyS+yUw0fISSNk2wNqFgeRWS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Novage New Purchase Order.exe

Files

Novage New Purchase Order.7z
.7z
Novage New Purchase Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ