AWB 5596370080 Documents[.]gz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AWB 5596370080 Documents.gz
Size

887KB
MD5

8e1ff426694b680b166d92c1d92863f9
SHA1

033cf1d2087b978ee425eb20a470ada41f74dd65
SHA256

1b4991d36f09f8cb146534524957f89da72621057cce18a95335b001566b08b2
SHA512

a3874478d8009e7b782a30d71c1138415bdb3a0491e33975c8de3e74a0d1d12dc9e4fdd5768c27f0573c772e877e4be2ebb229179b8698f9ef5a8a51756a0fa1
SSDEEP

24576:YR9UtmVyyP+ojt5FGxPEEvlqayxOCvHnJ2s+v:YRWmEyP+MGjvlNWn1s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AWB 5596370080 Documents.exe

Files

AWB 5596370080 Documents.gz
.rar
AWB 5596370080 Documents.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

iHaC.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ