35a166f40905451546f697722ffc80ce23317395616e4d87eaf0679e1af2a2fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35a166f40905451546f697722ffc80ce23317395616e4d87eaf0679e1af2a2fb
Size

1.9MB
MD5

15c395b030d0a55d443628df62162c27
SHA1

e8a42dbf7c54c0f541bb6edb4154d262f1d5d69d
SHA256

35a166f40905451546f697722ffc80ce23317395616e4d87eaf0679e1af2a2fb
SHA512

0d9b7832457412dfed786beaaebfe3c8b39d8ef8923e748c08cb8045cc59b08caee4976d52fe77a878f535ecf365d96422b41fcebefa3a2f451e2c3d5032cab0
SSDEEP

24576:jrWEZMk14SN++wGIbw/V6yzBM2UZkc3f88c5Co9HXUXa77:jrWJG4SN+PkdMTZRP88c5D9b7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Invitation to tender FILE 004ML24.exe

Files

35a166f40905451546f697722ffc80ce23317395616e4d87eaf0679e1af2a2fb
.iso
out.iso
.iso
Invitation to tender FILE 004ML24.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 733KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ