Purchase Order Project No[.]8873_ECOFIX[.]exe | Triage

Sharing

General

Target

Purchase Order Project No.8873_ECOFIX.exe
Size

101KB
MD5

5b93648ff0ed23f7a77cf8ba1c7dfd29
SHA1

4ab10dc761f140b00a880699b5b71d67d000f4b9
SHA256

9cca5ee417bb9929c186dc8c2daa8f645e23fc7b1c32c0cb18fef77ef728c7ca
SHA512

be2c33e988f20a153e0c922b9458c997ca93e349e7127bc83c95cc45d440dc2734870f862c0f7dede4a81f5fa5ecbf6d006aa65a63a7bbb3d38b42ac90df88af
SSDEEP

1536:n8D9sbgCMGEEEEEEEEEEEbEEzEEEbEEEEEEbEEEEEEbEEEEEEbEEEEEEEbEbE3kK:n8D9sbgCM5M7C34gj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

Purchase Order Project No.8873_ECOFIX.exe

Files

Purchase Order Project No.8873_ECOFIX.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\2023CryptsDone\p-Project-p\obj\x86\Debug\MiNlIl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ