Business_License_and_order_confirmation[.]zip | Triage

Sharing

General

Target

Business_License_and_order_confirmation.zip
Size

506KB
MD5

65507e7009e8894d5ab6cf4a612da5c4
SHA1

d3ad1357b314de44a22f62004e1d55da94fd5b15
SHA256

75f46aca8782194fef67c5df2632a76736674afa4b5791d44ca3d30e039754bc
SHA512

26cfb0367ffad8f9bed5486b244bf8add1bbbf74fcc0bc6b9bd69f8db058551fdf4982e201cbf166f8c33736e3097b317de6a52800ed6b65417c6ee2594c2179
SSDEEP

6144:5cf/hZqSw98xAVoqagYAydOKRVAX88EbtVknTS1UcLAWqSL8AXl4mWDq7c4MS3c+:5cXhNBmwZSTyUcmq8AXiukg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Business_License_and_order_confirmation.exe

Files

Business_License_and_order_confirmation.zip
.zip
Business_License_and_order_confirmation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dEdg.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ