21112024_1248_dte56u[.]zip | Triage

Sharing

General

Target

21112024_1248_dte56u.zip
Size

606KB
MD5

bf456e41aa028ef43e471b741f186748
SHA1

5cf51973f6c4f8d778ea655483737db0c766cd3d
SHA256

36e8f30c3b2c7de1173d7b6e14b44c0f4141943a4f92f7e47c88e4cf29099da3
SHA512

a85a7796d2beee3f6ac7dd0d869f1eb2c363f072eefc9327c384de3b580184e6a5a02cfb2ee8fc5f46ceb4e0d06a1ef2c9b20cc04c11dbb8e52b695b24ffce68
SSDEEP

12288:9MCcBOxWWBbD2BWKwUDG5ucPJegw18z++2egt4jPr8P95mxB3wxk1:RxWkbodDGdxeXE2ehXG9YxB3w+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/BOQ & SPECS-JTCAJC-QINHP5-TIS-L0009- (AL DHAFRA) AL JABER - SUPPLY.exe

Files

21112024_1248_dte56u.zip
.zip

Password: infected
BOQ & SPECS-JTCAJC-QINHP5-TIS-L0009- (AL DHAFRA) AL JABER - SUPPLY.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Hpcd.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ