Pirkuma pasūtījums_(PO410533)_TOLMETS[.]exe | Triage

Sharing

General

Target

Pirkuma pasūtījums_(PO410533)_TOLMETS.exe
Size

238KB
MD5

3957d1329cf4a45e54c86b88c3527ee9
SHA1

849e0bee18e2a7201ac9da6a2599b4cb3b59dae5
SHA256

d5174e488e96f653dab3685dba351bc77cd1e264f3dae443527d845e7e5a5b38
SHA512

f6819102d948575ec0d02c9041743c6ad5050efc3b111e0d59bd5af7b2f6a433744221123ee0915197020fc382236926b12dfbf161ef5faaad92fd509737ab62
SSDEEP

3072:DVR1+c+l0b8rcf4LTlMxol5VCbDO7csj+b+rerEAmjc+D:xbxfXfQTKxu5oW7ve8cEAmg+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Pirkuma pasūtījums_(PO410533)_TOLMETS.exe

Files

Pirkuma pasūtījums_(PO410533)_TOLMETS.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Setpt26.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ