Shipment notice & Invoice82724[.]exe | Triage

Sharing

General

Target

Shipment notice & Invoice82724.exe
Size

741KB
MD5

36a91779a593be04f8b64cf2870130aa
SHA1

bed120701f37842b4b38fc145253a4386dac07b5
SHA256

a4d81a3c0db4ed8c4a90e61d123577548ec0334cc071671cd6cdb23fc450ae2b
SHA512

cd19fa322f39846ce80516bf88504f35230209cd5abb5de08761c2c443baaa996ea31aadd22cb69a4905ea5b4f1ec0f6eaf73e049b29686047971bde9d9406ee
SSDEEP

12288:x5LegJE7UcXFoKuJ1SwoPRTwoRhBPBCDjjy9+wydb916AafsoW0A:nC7DVoKuJ1S3Jf1/9+BLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Shipment notice & Invoice82724.exe

Files

Shipment notice & Invoice82724.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

BxFi.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ