hesaphareketi-01[.]doc[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hesaphareketi-01.doc.exe
Size

2.8MB
MD5

afe9179fa19896cd12aba4b920315d4d
SHA1

88ad9dc2320bb1c7106cf0531a85d51279c3a0ee
SHA256

d3f0654d0a5d6234a21c5264fca60808296b12c4971ec36d5364547becebca04
SHA512

ae4ee2cff45ba7b034073aa24786577b4a019fa0df54bd98a584ef78a28b89fc1f4df56fd57fd815896f4dcfe01fb679511fab64cfe5d37678b01239364f5ed0
SSDEEP

12288:RXqORhwBupkiRQua/bj2PE/V8aIloZc9Hw1WUqc0:RXqYiBuSHP2PEN8aIloZmD5c0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
hesaphareketi-01.doc.exe

Files

hesaphareketi-01.doc.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ