TBN (VESSEL PARTICULARS (0)(1))[.]xlsx[.]lzh | Triage

Sharing

General

Target

TBN (VESSEL PARTICULARS (0)(1)).xlsx.lzh
Size

639KB
MD5

e29fccb1300bcb32cbb59890dffea7a9
SHA1

577711d524bb040cc9f4437e44542bf1d42708fc
SHA256

3da27e8b2e9257a99b70948bc0c74b13b2cf73ac814b1d6b4c6040a4aa9cd8b2
SHA512

a0bcacf51f1ad7a4bbffc4a4cae3223c0a1cc7bfa3adbeeff69fb10995232b10a6e08fedec6970c355225e828ead97ce9f301b3e186c4c51a335d9d5a95cee4c
SSDEEP

12288:fgFPpXWxUWXkwSRtbDz0BHjmp7xyQGzVYSVjGkv3CZum/2xPk9+WW6SbC:fgFPg1A6IpGBYSVjNv0exxWWDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TBN (VESSEL PARTICULARS (0)(1)).xlsx.scr

Files

TBN (VESSEL PARTICULARS (0)(1)).xlsx.lzh
.lzh
TBN (VESSEL PARTICULARS (0)(1)).xlsx.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 708KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ