BOL_Shipping Docs[.]xlsx[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

BOL_Shippi...sx.exe

windows7-x64

BOL_Shippi...sx.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

BOL_Shipping Docs.xlsx.exe

Resource

win7-20221111-en

formbook n2hm rat spyware stealer trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

BOL_Shipping Docs.xlsx.exe

Resource

win10v2004-20220812-en

formbook n2hm rat spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

BOL_Shipping Docs.xlsx.exe
Size

673KB
MD5

d4a1e9a56c52defb53402c08964d4569
SHA1

c907fd3db66a9ea9dfe45dc9fe3c706a18b4b3d9
SHA256

786aeabdb7664ab3c99105d7705946a0d3259b9096e5464db67eab31a2637194
SHA512

efda4d59c8020a1237206c60ff97ec625ce3f27bdf9634c6afb6eac88346c40804521b1d23d92ab8bfede6ffb5bc39ae3acaeeaf594b6dcd66bb34dc18b01907
SSDEEP

12288:ijcWU4GBbGgm0Gz6khFH79hz4b+Ku5L5daXcCAVN+/9/Guz:XfBKgNGz64Xg6L5dQMVNy

Score

N/A

Malware Config

Signatures

Files

BOL_Shipping Docs.xlsx.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy