order confirmation[.]exe | Triage

Sharing

General

Target

order confirmation.exe
Size

688KB
MD5

c662d081f4cd41e817cc9e246ca54633
SHA1

0d1383e23f4b4a9aec5b8a43725af2212a5bdc83
SHA256

d0cff61258d18def7ad7129368ecaccf5d2389eb1fd79b6cbb411c65c5783e0d
SHA512

9230b6c03e706740dfd262dea4bf9848b87d92659a5e9431c97ee790c664f31bf20867feb98f6819f8bb24c300ba45e784c94e30f9961443362ff4f7e40b9ac0
SSDEEP

12288:vYN/Dswecl9h3/IWs0CFEhNnut872bdnP54UBBTFGLJmqHtJLfPDGlVFSl2p0f+p:bweO3/9/Cq/leTFGdm8tJL6l6AHVLn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
order confirmation.exe

Files

order confirmation.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ