5f12f30d2c413e4d5a66d9e5b42ab2bb508127e069849f94103fa326c972f510 | Triage

Sharing

General

Target

5f12f30d2c413e4d5a66d9e5b42ab2bb508127e069849f94103fa326c972f510
Size

809KB
MD5

1b02f25a68c5d515dd89f1e4fca9ba63
SHA1

9c89b45e9532e9c01ad543c4fb0e6ace2ad81e6c
SHA256

5f12f30d2c413e4d5a66d9e5b42ab2bb508127e069849f94103fa326c972f510
SHA512

7376de76b5563285e5a5090716f165579ade187d7858b3a86a8fbea5637faf6fcf692c14781eb41c93549127961e1c3d0520e6fd2307c9693e7e6c846db1ed9b
SSDEEP

24576:2ofEMlWtxnU1f1CHRetef4JchN9hU6mpKy+YiSq1eVhb:JwxnRwtewyzFmpKyCSbVB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Purchase Order - Hi tech Insulator SAPPL23240999.exe

Files

5f12f30d2c413e4d5a66d9e5b42ab2bb508127e069849f94103fa326c972f510
.rar
Purchase Order - Hi tech Insulator SAPPL23240999.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 960KB - Virtual size: 959KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ