Quote Order[.]exe | Triage

Sharing

General

Target

Quote Order.exe
Size

408KB
MD5

2d180e659ae8180b343e4abddc7f304c
SHA1

7725c303e9ea8e747666436b913c5491b16a8952
SHA256

6fed5f74f0fa613ef25311cfc20d8b38abc5cf4b4c9183e34aa7386882dcf1ee
SHA512

37c38c59e0e629b5d28c930886eea0096530c42d473ef70f5a6aa53801bdb6386e1fe154cd6b0904325a82268dd0372355fb0fa0a401c06c5e725091e087e201
SSDEEP

6144:Lmb3/DGv75a3j51E+S6bjNeksVG9tAA1tIX3NYi/cXZ6TGJy:ZD5aTEb6nzdGA1tIYi/cXZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Quote Order.exe

Files

Quote Order.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ