07112024_0023_05112024_364898 FD PO# B2023-21508[.]zip | Triage

Sharing

General

Target

07112024_0023_05112024_364898 FD PO# B2023-21508.zip
Size

598KB
MD5

7bdbc86cdd6f47e111ba606f0242c6d2
SHA1

76cfeb7ca6880701a64d7246408c71e8d6a5d83b
SHA256

eabc6439686afc3eada981aee578951fff9f5bb5d6a169332fa3c40bd71f7a28
SHA512

894c00384ed16bad810c05a718a2be67e0bda419f53cc4335327cd74d1f12a275bac02ec610a5e392fab279f995f26e37344ad78d32398eae181f4598837b881
SSDEEP

12288:We1Ws5nCRPVZ4JVrrz+a8mdIjm1ZyD0qtREU5o76RO6C3ZQKXj4k:WQWF9uVvzPf1YA6RG2RSB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/364898 FD PO# B2023-21508.exe

Files

07112024_0023_05112024_364898 FD PO# B2023-21508.zip
.zip

Password: infected
364898 FD PO# B2023-21508.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EfV.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 727KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ