PURCHASE ORDER-6350[.]rar | Triage

Resubmissions

04/10/2024, 15:08

241004-sjb5cavdpg 8

04/10/2024, 15:05

241004-sf5mgsvcnh 8

Sharing

Copy URL Twitter E-mail

General

Target

PURCHASE ORDER-6350.rar
Size

661KB
MD5

503f9ea3f1b9bc4f23bd2e819eb31dcc
SHA1

09a64f4f96e196b8727ee34f5d3cf6c86dd18ec8
SHA256

333c7e2710975f16d7f65d855c7c5426db5eb229ee23e12e669a4f787a3f27a6
SHA512

133454e3f40dd62e4604faa83f33c84230a15bfc2534ef769e41de4fb95d1732528de6b29c0849b59f95360255de1a762bc1eb3dbf9382e6ee7d3f953309c543
SSDEEP

12288:Z7cu+vEl7fAvcNnkAprmZBjroSe+6+HMagDLvhZ+lcNsoa/fVSdm+YNzi:ZoNG7IvekAp+BXQ+6+HMagDLZS+soaQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PURCHASE ORDER-6350.exe

Files

PURCHASE ORDER-6350.rar
.rar
PURCHASE ORDER-6350.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RymZ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 831KB - Virtual size: 830KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ