1[.]rar | Triage

Sharing

General

Target

1.rar
Size

72KB
MD5

712a72e0b97b1b24659ab44bc77e42d2
SHA1

0dbf27a9c47cb8d59cca1d44769ee09ca496640c
SHA256

8423008e3289419542dd8d07a896ea86009dca840bf2a3bae2c24ea06808d847
SHA512

d22ea35745510a057ea8b5ca552cdb3cf8fbb3bca3e916ebbb8da74360ebe6025896166bb0d9e14d1fd8d0c4da93a10125518ace89a442fc1b431e04ffd814fb
SSDEEP

1536:RRhxo0FYmex2Phn58CiUBJwPdtzdpFKDr+7me/P/2+olEPnf3orN:HDFQI8qnwPXz4uaYP/4lEPwrN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Po_7837236367-386363783-Turkey-Import-sales.xlsx.exe

Files

1.rar
.rar
Po_7837236367-386363783-Turkey-Import-sales.xlsx.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ