14102024_1644_13102024_TRT98765456789000[.]doc[.]xz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14102024_1644_13102024_TRT98765456789000.doc.xz
Size

403KB
MD5

23d926f77daa6417500aef439e431f8a
SHA1

45bee4a28e642ac1b5e0d8343f43ca12930fd115
SHA256

19788cc265770480ee0e109009dbee37ce7b738077b70bfc423d9b539012ee41
SHA512

4c2c535617b8a60c0b23801302e83e08dda767090e14ef60aea83c578301e70d8c2c174c656f1ddb0f71c90c780e06d081d526bc3cde5373e617559eda07c4d5
SSDEEP

12288:lysfYR8QEmtlCZpieA5Kyl3D3pQNR8G7Asv+y:lFwR8QntIytcKp5G7A4P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TRT98765456789000.cmd

Files

14102024_1644_13102024_TRT98765456789000.doc.xz
.zip
TRT98765456789000.cmd
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 600KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ