PO#36538_orden_Indirect_Buyer_Procurement_Americas_mexicos_24[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO#36538_orden_Indirect_Buyer_Procurement_Americas_mexicos_24.exe
Size

2.7MB
MD5

3fab44c211a6c5519aa034184aca3fdb
SHA1

4d4618e371726bd5f7cca66659fd67ecb9b1d9cf
SHA256

afb3c2222365641951a91bb0a55a1cdd2774539475a79c0deb8fa6bbd3d56f53
SHA512

9efa63f831787b95686e6e980aaa952aa108a9a9ee27cc64191fc6608e5d6758324f7bdf33ce92ee64f8c7aaf91fd39bc890e936e172f651b9208f4502270e88
SSDEEP

49152:8g9uoiYHSyjan3elu7S0SuwJZ7ZMVqBfs0CZY0ems:v9fiqSKw317SzuwJZliqBtCZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO#36538_orden_Indirect_Buyer_Procurement_Americas_mexicos_24.exe

Files

PO#36538_orden_Indirect_Buyer_Procurement_Americas_mexicos_24.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ