Receipts - LIEF CTM[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Receipts - LIEF CTM.zip
Size

708KB
MD5

ebc2be2e4ac753ad7c1c51bfb6039f8b
SHA1

7156c2389a3cde27d4c750fc38c9aea27da144e0
SHA256

329b6de2e5f836a0a7d26c85aa63c2844a614dff6b446962940d293c0bb7226f
SHA512

8cf59c3f974906f7cd77839d0062baade0314b13b5f9357b15d094a0d6ddda3b4df7eaa49e23b54bc2c3a645383108a52d19ae7da1167cd96c4c43706bdf5b37
SSDEEP

12288:WLSI9zJR6Y/gS1Klyi/PoMspd81UfqcplWYq+OzShg0L/+LW:WLT76Y/q9/PoMspjdPFMEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Receipts - LIEF CTM.exe

Files

Receipts - LIEF CTM.zip
.zip
Receipts - LIEF CTM.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 808KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ