21112024_0641_eCertificate_of_Creditable_Tax[.]iso | Triage

Sharing

General

Target

21112024_0641_eCertificate_of_Creditable_Tax.iso
Size

572KB
MD5

c47be93133beb0de2583127cf241fce9
SHA1

6231d8c38b5669c044da38b7ee177459c284bde0
SHA256

ffc53cab5d9e3cdf213db0517ee50e484b64c77fd3e9fe1b4bada133a64d5569
SHA512

8c756e87e95b281a4836ef255896667a11cd0f7aed7195632b747e4587fb7d42c4e9cba01f27fafea5832cb7a08c44cadf642a9255247a34605a9875d1731043
SSDEEP

12288:BguY0rIobzV2KOPxGkYh+BppwW1xErml3PM5I6SWTmCxr3B9jS:rYDcBrkvr71xEofOIBw9jS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/eCertificate_of_Creditable_Tax.exe

Files

21112024_0641_eCertificate_of_Creditable_Tax.iso
.iso

Password: infected
out.iso
.iso

Password: infected
eCertificate_of_Creditable_Tax.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ