Purchase Order[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Purchase Order.zip
Size

443KB
MD5

14db2dbb1e3866e05f760a57cb885766
SHA1

2cda503a6effdd8440693b177c8ca9ff0e5df618
SHA256

b98cf3eac586925679b57bbe6e5b84c3cdba942ae3bc5b866b809a19ff2d9aec
SHA512

0ade3716f6126ce38ea8d2e483db5a8133c8998859a71af0b43aa4ada8be6a29e9c892ffe067717ca5612cac1a61743a5073044b0d56d04a257cc7b77f694731
SSDEEP

6144:B3a5vEFxkHwCtehH8Ki4BDPGPzoK6XqVSlBo5KcUWxY34sFNYwWugHgBKSuiamIP:BmvEUHNtSuOD+6Xh0UWKFF3KSqmIeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ik.exe

Files

Purchase Order.zip
.zip
ik.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ