Documentidispedizione00028384[.]bat[.]exe | Triage

Sharing

General

Target

Documentidispedizione00028384.bat.exe
Size

835KB
MD5

5923df60fd65e0d4a4e22d65f52d3d2f
SHA1

d5ba5caeada36a7fbc9b3cad327ce1e71ca00435
SHA256

05d0b2865cb2b3ed3cbed435b38bf2436c04c1acad46351d70d011da2f96c3cc
SHA512

170eedbc383392191e40dbf0273f60533c939aa1a6b894ac0b15a7ab46d36c192a8ca1c4a8dfb3f8dbf593f9256873462215c12af4e7b1857e8b85415aa85867
SSDEEP

12288:Tx9Y+no3LopTy34dCOUWxr03jWkBJPc9Y+S/ks5FiB6vCXTDE0/Fi6j:TIMo3qYWlMWkvcK+S/1Y5X80/p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Documentidispedizione00028384.bat.exe

Files

Documentidispedizione00028384.bat.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 833KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ