MV HE FAN DETAILS (1)(1)[.]doc[.]lzh | Triage

Sharing

General

Target

MV HE FAN DETAILS (1)(1).doc.lzh
Size

648KB
MD5

787b9fedc747370de3910e433be20b62
SHA1

99370a71e57abea090d59642925661a504853edd
SHA256

6d566b4aa0c1546bef85b6df93d59844fc11da2417ebdbbce0cd579b461531ad
SHA512

90123125ac7b134910627c268c12ec803391836b145f2c9314076550e0267c5d63cf86f228cf761b2da4806ace5b109e0094c7ea8c34241c52e4546045945ada
SSDEEP

12288:ZSlD/CCB0BOO+rGbedHJnIyRw4+SHUpiQyXimYS/BjLXe:ZSxNdO+raenIyu4dU0QEimZBjje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/MV HE FAN DETAILS (1)(1).doc.scr

Files

MV HE FAN DETAILS (1)(1).doc.lzh
.lzh
MV HE FAN DETAILS (1)(1).doc.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ