09102024_1602_09102024_PO2780[.]7z | Triage

Sharing

General

Target

09102024_1602_09102024_PO2780.7z
Size

889KB
MD5

63fee1bbd44567fc85856263b78054b2
SHA1

a23217e5dc7b2cf54711ad04d8ee6cf5f5f06fdb
SHA256

f598d0d709c87d2a6411cec416a9eb92ccbfd2c335d9a3e2ea15d363588c3c16
SHA512

8acf1144dc39cce05e1320758c955969b263851ecfca6d502ec909d77fcb6aa02ec113d5a3b4bb96e209a71b65512cc30ee88d711454c0d586c069de90790dc9
SSDEEP

12288:cRsJDdpmBs7/zJht5J84J58M+9JdjlVbZBc7Fgj5WtOOZkVbKSiWFmLH1X/6:cWJDOs7/zjtlK7ZBc5r8OWp1FmLH1P6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO2780.exe

Files

09102024_1602_09102024_PO2780.7z
.zip

Password: infected
PO2780.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sQBc.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ