Purchase Inquiry[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Purchase Inquiry.exe

windows7-x64

Purchase Inquiry.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Inquiry.exe

Resource

win7-20220901-en

lokibot collection spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Purchase Inquiry.exe

Resource

win10v2004-20220812-en

lokibot collection spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

Purchase Inquiry.exe
Size

721KB
MD5

bbf8cc59cbe4cd8d3845c1499335c07f
SHA1

045568cace1af652cf3dea51f561bfe80c0035d7
SHA256

7329528ead7542c9af48aeff33fcfa265731b53ad352af1efc3666911f115090
SHA512

7a26c93971d7470800187fecb2908d377bd2df9aa24fd69b6c6c999746384f37e2cfc13679cef3977e4bb7b833f504ab4c2cbf10bb2883f9d52d711f678f9210
SSDEEP

12288:Be1O4WxovDi23bDIg95lzKogGNkwZ3cYRMdS98MTHRyoY:eIgvxKodMS2MjRpY

Score

N/A

Malware Config

Signatures

Files

Purchase Inquiry.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 719KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy