GPO24-25004800[.]IMG | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GPO24-25004800.IMG
Size

1.2MB
MD5

71815bfb06b3cbb313d17acc016f6675
SHA1

0a78c2fe91f9d88ce283011fd52f045917ebaeb9
SHA256

56f7134083814ec30306cdc37ae95f11faa6cd7c19ee5100a5dcfa0e5e325826
SHA512

124c33a82dd854111a13081eecb9a629722f64de4ce62a80c24c4dcdbb6ca53a34eae683aeeb83e76107c085daa7193265b80a42539fb22e037c6e2b0dc563ab
SSDEEP

12288:IRd1YNstVqEpbrDxQOW3IKU4P8WX0IIFJv7vnHXHWt:IqqGExrDiDYr4P8EKdbn3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/GPO24-25004800.exe

Files

GPO24-25004800.IMG
.iso
out.iso
.iso
GPO24-25004800.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 670KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ