df61d5798ba4beeed9bffe543ee8e4a21773cbaea98a29076e801e41d1c3cfce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df61d5798ba4beeed9bffe543ee8e4a21773cbaea98a29076e801e41d1c3cfce
Size

1.4MB
MD5

b762dbfbf863c01edccf3f1c5b4622f7
SHA1

1c97484d6dbdf2ef481fe8dc577a1fb7c3748a30
SHA256

df61d5798ba4beeed9bffe543ee8e4a21773cbaea98a29076e801e41d1c3cfce
SHA512

19dd125e717eb56b984e0977ab8d886035dfd53d64ba875d7ed465bed8dfe236a556070c9b478d2be1d6892d52dfc0b8359bcb6f8cb4c6a9eeffbefce2344de8
SSDEEP

12288:lVINcDUsZVf2SHstQD5cSwz1MEbIrqIN+yoDYnYLF3hjX9YslqmDar:lVrDhmSMGWzz6qaoDj3hjX9lVDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ORDER_N2705117.exe

Files

df61d5798ba4beeed9bffe543ee8e4a21773cbaea98a29076e801e41d1c3cfce
.iso
out.iso
.iso
ORDER_N2705117.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 842KB - Virtual size: 842KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ