SSTF Co[.] Ltd - Purchase Order #28783[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SSTF Co. Ltd - Purchase Order #28783.exe
Size

18KB
MD5

f295a684ad0966fbd0b0eaf30cba5a33
SHA1

14b16e413daf1d2a4f4081b58504ad01b5fa142f
SHA256

b8c290690b92fa97d3e20d03fd66bb9aa8eaad3b97715f71833969cecba5e1aa
SHA512

7258509acf74247031666bac08440fdd39caba783d8acf9f483894a2c79778762987a3fbf73454208ec28148b4a1472581d1761a37cc191f91601ee2e81b58c1
SSDEEP

384:W+bXUmADdw95WNnwGFoVaBfSi9kMmEjI88fTcLpE5vJaNJNRCxUv:W+GdiGFokYMmEIbfTuZNJwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SSTF Co. Ltd - Purchase Order #28783.exe

Files

SSTF Co. Ltd - Purchase Order #28783.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\2023CryptsDone\bank\bin\Debug\Secured\bank.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ