e1c9cabadc6f185f2f0951a6e6fd0465d760b65f1496ee45fdbdb518752d942a | Triage

Sharing

General

Target

e1c9cabadc6f185f2f0951a6e6fd0465d760b65f1496ee45fdbdb518752d942a
Size

445KB
MD5

4f201f99838e502b985c45668595f79c
SHA1

773961b9e72cd131939b08f2f13a95977407b8a9
SHA256

e1c9cabadc6f185f2f0951a6e6fd0465d760b65f1496ee45fdbdb518752d942a
SHA512

6bb0e56acb99be85ccd8d07354b18d64c1be6c202bdfc4c3ac89fa74eb6d4842646ec72a99b036925e9136bb8dfd6ff48f8c82fb8ade0833628632a45a8b29c3
SSDEEP

12288:Pw6dwXd54CPlAdjGh9Q69NxlQzddZD6d55Nmxf:PNdwXdntAdjGh9Qel8LZs5naf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase order_ invoice confirmation.exe

Files

e1c9cabadc6f185f2f0951a6e6fd0465d760b65f1496ee45fdbdb518752d942a
.zip
Purchase order_ invoice confirmation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 521KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ