n9582023_Diesel_Power_Plant[.]lzh | Triage

Sharing

General

Target

n9582023_Diesel_Power_Plant.lzh
Size

856KB
MD5

b806d489a690b6a84913f1fb165e5127
SHA1

13fe37cc76c8b8bdc82152e7cd07ef8a1c4c139f
SHA256

1cb551acf0990344e1a4f35a13ea63b7888f6287d54040ab071567fbc13e9856
SHA512

1dfb1b6262bf6bf7acded4a26e65dca8cdb906fc0d6b2d08f9b957d3bcdf3c24437780caedd12b7f41d11fcbbcf057582bbacf162df1122d751d5de49eb7d869
SSDEEP

24576:26F7Ei+JSYra2VMGrAC3WdVtt2G5hpy2bQ/GlThogW:jFMhrasM+mdRfp7SGlNJW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9582023 Diesel Power Plant.pif

Files

n9582023_Diesel_Power_Plant.lzh
.lzh
9582023 Diesel Power Plant.pif
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 917KB - Virtual size: 917KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ