Shipping[.]Document[.]Confirmation[.]pdf[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Shipping.D...df.exe

windows7-x64

Shipping.D...df.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Shipping.Document.Confirmation.pdf.exe

Resource

win7-20220812-en

formbook oe47 rat spyware stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Shipping.Document.Confirmation.pdf.exe

Resource

win10v2004-20220812-en

formbook oe47 rat spyware stealer trojan

windows10-2004-x64

5 signatures

150 seconds

General

Target

Shipping.Document.Confirmation.pdf.exe
Size

994KB
MD5

e8284ea2fdaeffa5d38de54c156eed6e
SHA1

b2895f73f0fd55a47c8b0bfffd2c1280eb44436c
SHA256

c6d4469628973b42861dfd82d5bdb14d03cfe0ded1511db6a04964f72404b521
SHA512

78ffa8c266ef1d4a4dfa0d39ce6e1a4ce5489c192955d75c4e13078e0c45e04488d7781a49383feb521d5d8769a753813f7c55df4f6a8ee41c6de00ed94fbcc7
SSDEEP

12288:23VwqBIDMq/aZNJAcwUcr+ny9ebjh8aDI+iL2OPpK:m/qENJA1r+yEZ8f+iiOPA

Score

N/A

Malware Config

Signatures

Files

Shipping.Document.Confirmation.pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 992KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy