f75cef2ca401714a35714b997352ec5c5034e37e2d8b58f38c493662ebf7b79a[.]zip | Triage

Sharing

General

Target

f75cef2ca401714a35714b997352ec5c5034e37e2d8b58f38c493662ebf7b79a.zip
Size

641KB
MD5

e2acdace07abd4ac568bf9e3649e4c6b
SHA1

ea1511930fe447bd450b66696b2d8c698ccfc469
SHA256

f75cef2ca401714a35714b997352ec5c5034e37e2d8b58f38c493662ebf7b79a
SHA512

daaaef6d636814b603fd6d1348854f534b3099453149775a56c33a88874b43fdb7c93dd4eb364f6a64aafcaee38b4ccf87aa008d73ea8546fb02c4ad17348f30
SSDEEP

12288:NAN7D9mwSZfwheS7WsPe3WkDTyKNco4RCtmJKZIQ8kt8mvcMI59ydNZ/B1KYaZxN:NAN7DQa7zm/D1co4Rm9SmyscVbydzp10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase order.exe

Files

f75cef2ca401714a35714b997352ec5c5034e37e2d8b58f38c493662ebf7b79a.zip
.zip
Purchase order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 842KB - Virtual size: 842KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ