894cdec44cc75039c532d9edc2b521af78e4107e913b979b6eac07c60c56df46

General

Target

894cdec44cc75039c532d9edc2b521af78e4107e913b979b6eac07c60c56df46
Size

1.2MB
MD5

69746ce363641afaca8a90114c336494
SHA1

f51c655bb59da818d38f811327ddb853876c5359
SHA256

894cdec44cc75039c532d9edc2b521af78e4107e913b979b6eac07c60c56df46
SHA512

6d746539f1f3e975a91779cbff30325c0a8c9635b22ae5a5b0727ea554ebaccf38158c237808087a7a0721d3f0b1c7e12cfae7664c4338fd513ed59d3d152db5
SSDEEP

24576:iSsSqi9qF0/0AAmz+nSr+eFKPZ4PFDsEkVzvTRCQPzUXMvyv:iSsOwucAAmz+nssR4PFDsE0gX3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/Nov Vessel Updated Notice - HMM RAON V.002W.scr
unpack002/REVISED ISF Simple Data Template - .TAIPEI PORT.scr

Files

894cdec44cc75039c532d9edc2b521af78e4107e913b979b6eac07c60c56df46
.zip

Password: infected
e4a923dfc35d73fc8fde8b4e0a0247935ce64505f4b23e605a6f0ebc842a7833
.zip
Nov Vessel Updated Notice - HMM RAON V.002W.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
REVISED ISF Simple Data Template - .TAIPEI PORT.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 936KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 542KB - Virtual size: 541KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 936KB - Virtual size: 936KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 542KB - Virtual size: 541KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 936KB - Virtual size: 936KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B