cb56903ecc9106f33e69136d066cd4e83c9d71b4327be9da2f480f3f8fe44393 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb56903ecc9106f33e69136d066cd4e83c9d71b4327be9da2f480f3f8fe44393
Size

1.8MB
MD5

5aa08af21a64d1afcd176dd305ddccde
SHA1

8236b16f8abe141b505c1ad4d56b3d011331ce37
SHA256

cb56903ecc9106f33e69136d066cd4e83c9d71b4327be9da2f480f3f8fe44393
SHA512

27617132d4e1c8fb3d63ac190c61f6d98a3df93da913f1cd667a53ff9f9b97afbce0ba24be40dc34ecf45fe5c572befb79bb735b8a64c03d8fdc8e6d59d467a7
SSDEEP

49152:+87IsDI1YT+f8jMa0vRLVDGKkY4+WdcdL:+87IsDIofMRvLHkkXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Pzm.exe

Files

cb56903ecc9106f33e69136d066cd4e83c9d71b4327be9da2f480f3f8fe44393
.zip
New Order.img
.iso
Pzm.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ