Order No Q240419617006[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Order No Q240419617006.exe
Size

688KB
MD5

8afafd9b38a273c6d714c632f5c547ba
SHA1

96c864bb6cbf3e644a7925f082ce2632ee3ea4fe
SHA256

ecbd820686317cc38e97ceac59f26f853bd924695b2d124c4e87f5f48c82bd63
SHA512

bb0417bcc5011cf6f22a341afe9317498da9313ad66d31fdc2bbc1ad5cd7037379451622563f2d2b92e82d18a39a70de93a5c9bb28fa253b1ec04f209343eb60
SSDEEP

12288:ri3/T3/fVrTtK3/okZT6l7H5bXpPowhz/11/eiup3y2LuzPfPZLo522Lku1k3/TP:2rXVrTtKAZldb5XFLehpiLzHPZL42GX6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Order No Q240419617006.exe

Files

Order No Q240419617006.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 672KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ