Static task: static1
Behavioral task: behavioral1 (Sample: Invoice.exe, Resource: win7-20240419-en)
Behavioral task: behavioral2 (Sample: Invoice.exe, Resource: win10v2004-20240419-en)
General
Target
a30ef816bce43896b87dc946f00c0d75.bin
Size: 761KB
MD5
d97e0fd5452c030ed75cb2e9835cba2b
SHA1
e5d104d8fb3a5e75643ac31d8e01f5b312454cf5
SHA256
04850af649dac3c9ef6ea1a4a3ca6244ae110a42443bee390c5c3414bbe840f2
SHA512
9d4c86cdc761bb122ea6e3406dc015f510c34819a3319b5d58f732203997e044e507bf436528e1d8ae9b60f9f41e0d8aed07a0b01afaccd843ce1c52e30fae88
SSDEEP
12288:jwIczI6CVB4/JZEXYbebVbeOT86NM7hlvF7ASrflUR58vWnQZOZuxHQURDj7wW85:8IesXYbeRvbNM9ltlrc2+3ZOPBj7q8nC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/Invoice.exe
Files
a30ef816bce43896b87dc946f00c0d75.bin.zip
Password: infected
18d273f276cb2c9d1a3cded2d775b20cb5eb68ed232b6f126225f0ba642c6fed.rar.rar
Password: infected
Invoice.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 808KB - Virtual size: 808KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ