17012025_1306_16012025_order details[.]zip | Triage

Sharing

General

Target

17012025_1306_16012025_order details.zip
Size

300KB
MD5

105e260e0fdc0ba1292ba02e788d4b87
SHA1

29b3e4791d248d070d0d6c8151d44fd92eb4687c
SHA256

e7a00b43e134549a1439d916c0eb202d39d1cc16c529e5bff0fd5e9d5f995ec1
SHA512

5833e31ba277c0ddab0e2e1e1f20afea158de83982588582f9505db3003d329accde015bb301b5c0acba6784db470282c4ffd6ea06084cffef64f6be894d9059
SSDEEP

6144:vwoWZlwBGmwCWNsTizBrg65DNTtiCP/vSX5YjtrwWmX8Asf:vwLZuGm63zaQTtiCHKXor3Ao

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/order details.exe

Files

17012025_1306_16012025_order details.zip
.zip

Password: infected
order details.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 575KB - Virtual size: 574KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ