nIMG_Purchase_Order_Specifications[.]pif[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

nIMG_Purchase_Order_Specifications.pif.exe
Size

891KB
MD5

c21a03ba2040ef6de6b522ce779a8399
SHA1

59a91fd925902d7d21829a5a4d57765f69db1369
SHA256

ecb9115de92beb10b3344687dfe5a2147117302e02378f5592649d5761e33305
SHA512

fa92469d362d41e16a19ce615a341c4b8fd07805f5175074cbffc182733537f51f71e972029037bdf782dfdfcb47be33b7d35ca350e777fe3d9c0b1dc9905327
SSDEEP

24576:thFgZKs71DI5AGSHHZsxeosZWve9hDYwwppqO:zFgZKMXGSZsxeosZ6YN/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nIMG_Purchase_Order_Specifications.pif.exe

Files

nIMG_Purchase_Order_Specifications.pif.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

KzWyp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 889KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ