Shipping documents CI&PL orde[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Shipping d...de.exe

windows7-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Shipping documents CI&PL orde.exe

Resource

win7-20220812-en

snakekeylogger collection keylogger spyware stealer

windows7-x64

16 signatures

150 seconds

General

Target

Shipping documents CI&PL orde.exe
Size

779KB
MD5

18c8885325698aafe73bffb4000f91f3
SHA1

4f8757ded4f917e62f9cccc659134078391f4ff1
SHA256

eb995f7ba46e5dec3099fbbcee5dce2ca160df6b8237e7ebc0d4a6bd1a615ec6
SHA512

500640463ff9034347d04cd2b511243082431a22781831bc3fc4bcedfb898e6f19048eecc290d0757899ab6b36e26093ca295aed7d85edc148eecc3a750d4e80
SSDEEP

12288:Z/DJAI92FgmzikGW+yXQyRF5fwNr7dO1mzts4ZD9IEIDri:Za9LikGWNyN/pJblbID

Score

N/A

Malware Config

Signatures

Files

Shipping documents CI&PL orde.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy