Static task
static1
Behavioral task
behavioral1
Sample
Shipment Particulars.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Shipment Particulars.exe
Resource
win10v2004-20240426-en
General
-
Target
f9071918c9eb5b87657031356d8610583e85fbf23a2b15179a81d9dba041ab8f
-
Size
441KB
-
MD5
154d032084995f2bbeea9d874f9c65e7
-
SHA1
6e4ae2e2eafb2e7764f8de2f42abaa1c79a59546
-
SHA256
f9071918c9eb5b87657031356d8610583e85fbf23a2b15179a81d9dba041ab8f
-
SHA512
df068f08f025ad331042209b1e0c05d86a2999540334990d924964380e3316c76ffc9913ab396dec602157d7e659e77a24a4d146ac292461599b775bd5b675fd
-
SSDEEP
12288:BiiUWfdah5Z7OIWd/ZsYIqLAOgN8bbAB/nkkEnv:BiitfdakuBDBMkC
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Shipment Particulars.exe
Files
-
f9071918c9eb5b87657031356d8610583e85fbf23a2b15179a81d9dba041ab8f.zip
-
Shipment Particulars.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ