Overview

overview

10

Static

static

9

Orders.exe

windows7_x64

10

Orders.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2530bd0dfc05cf316f3ec108fc0a384eb8e72f40bc8142c3fcdb92a9d251946

  • Size

    1.2MB

  • MD5

    ea5b92d980b8d65fbac061e3330bf9b5

  • SHA1

    5393d177115e95a6151a19852ba4d67b984260b1

  • SHA256

    c2530bd0dfc05cf316f3ec108fc0a384eb8e72f40bc8142c3fcdb92a9d251946

  • SHA512

    360952075bced1b434b8c4a63932244b5e0f2e3aa3327fe31028464023aa3c05555f7769e9a72807a8b6eabba2c3ea7fe720b55ed8fd2d4cfc2b41e385344d82

  • SSDEEP

    24576:9fLJ9qeeFv5HtxZsUBcDianRwhOZxgWrupPg+FFoCIfXQC8e/F+Ys:VFwe+xjZrBcOa4qHQFFdIfAJSF+Ys

Score
9/10

Malware Config

Signatures

  • Beds Protector Packer 1 IoCs

    Detects Beds Protector packer used to load .NET malware.

Files

  • c2530bd0dfc05cf316f3ec108fc0a384eb8e72f40bc8142c3fcdb92a9d251946
    .zip
  • Orders.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections