Order 3078[.]r7[.]zip | Triage

Sharing

General

Target

Order 3078.r7.zip
Size

624KB
MD5

734231d1654ce8b46f869e7819b143e3
SHA1

fa500245d6ccd4d29c39c84a291043df0d6316a8
SHA256

6da0e6f30c344f1bf21e4e24f3682587e005d4eef92b153bde25f94b70dbbc05
SHA512

bc64b54598cc4a65aba5a264517a0e51b16444fef10fb35ada70d0a3979256ac2992592985c7d293e23dc263b733ae83fefef47aa4ee26141e9fbd3ad3977b3a
SSDEEP

12288:A6GG5JjXR4epM1IvFg6nplPNIcwHulQzIs5WGMhJDjumqWJj4H5fRX8/eL:Dx5VXCZ1W+6pVa0eJcbJXCWJj4H5fz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Order 3078.exe

Files

Order 3078.r7.zip
.zip
Order 3078.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mmVj.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ