shipping document[.]r15 | Triage

Submit
Reports

Overview

overview

Static

static

shipping document.exe

windows7_x64

shipping document.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

shipping document.exe

Resource

win7-20220414-en

formbook xloader pdrq evasion loader persistence rat spyware stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

shipping document.exe

Resource

win10v2004-20220414-en

formbook xloader pdrq evasion loader persistence rat spyware stealer suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

shipping document.r15
Size

467KB
MD5

f25eafbf016713062d75ab1ca1cfab0f
SHA1

4a2406cb7c8576e8d763d0c9a500b8cc51cb695a
SHA256

86e4d5f6e971a493c6d56fbdb71a4a6c6deaf7eca8c30f086bafba45159f8e22
SHA512

66da793a06c2c525c211e0723fb641e7955509987bd5b3f799287d746b285ecffff1bfdc0b292f63d16670ba29e74345e78cbb64aa7c8e0f5859f1841647d8ab
SSDEEP

12288:3gk3iXNnnWhMsfofjdqg2GFPgpoCBqDfuKcXUW7yfVdTBgVasjf:wk3ulXwchguCBNhkW72hBEH

Score

N/A

Malware Config

Signatures

Files

shipping document.r15
.rar
shipping document.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy