Static task
static1
Behavioral task
behavioral1
Sample
sales payment.scr
Resource
win7-en-20211208
General
Target
0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6
Size
936KB
MD5
2071e7aafe8a5db09fff23762d2b449c
SHA1
34d7501e6dae793af5b99a065887083d94485588
SHA256
0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6
SHA512
97cec7a577adde24663ddece68f6058cb9cb127c509c43f7f6dfe6f34d17a4ee6a5fe9138fff8674c133044729662aaa6321651a5c7dc7b4bdb90d0ad48c7373
SSDEEP
24576:TXiiMmGp5FXW39+zkDV1/V8uIH7Psxnh/EzpEDugo:jBMmcFtSVVIbihszFgo
Malware Config
Signatures
Processes:
resource yara_rule static1/unpack002/sales payment.scr upx
Files
0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6.eml
http://www.international-service.ro/
email-html-2.txt.html
email-plain-1.txt
sales payment.7z.rar
sales payment.scr.exe windows x86
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 876KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 341KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 369KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE