KindswaterAG-TG4554476-MEXICO-2024-300994[.]xlsx[.]arj | Triage

Sharing

General

Target

KindswaterAG-TG4554476-MEXICO-2024-300994.xlsx.arj
Size

256KB
MD5

77aa27952197c103763cdcecb1464d9a
SHA1

f094e2f50059eb216bd4415f994fd3eb395c361d
SHA256

4b8f3233bf928426a554b604c17442a3b89c48d265df8ceceb5c725b98382394
SHA512

78d25606c6deb7b4af4e4f5aa1d4830407e56e9d8579265ddb75356fbc44dec260162ac917bae412a96c2559aa543942d2b338f4245750d0f1164912b2382a4f
SSDEEP

6144:2wIJBbg6ZdgSHtC/BXPZVJg83QkzZ1V9CZI2A9Mil9yuFV:LILOS07VJgMHjz8p+l8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Kindswater AG - TG4554476- MEXICO-2024-300994.xlsx.exe

Files

KindswaterAG-TG4554476-MEXICO-2024-300994.xlsx.arj
.rar
Kindswater AG - TG4554476- MEXICO-2024-300994.xlsx.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 891KB - Virtual size: 891KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ