shipping doc[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

shipping doc.exe
Size

673KB
MD5

b6c160229be02b85c8b70198cb680691
SHA1

38ccb9aa355664a31a3e91062003ccd7bc1d013e
SHA256

ded41914661eb5ad6def52035ba6d7934251ba0f641f788f389853a5d4a53542
SHA512

77af17dea786f2d39c4a1dc64f332e657b4e84b36e9f64246d30369c4a4dad2bb3dfa86067eb00882b28753bd5ad8005f6062bf987b97b32d9bb5a0ca1af33f8
SSDEEP

12288:fJeceseSgLXrVKUXYtQoj9eCSOKNJAAk+yV0mwChA4TuNmJizg6B:ccesLgLX5LoQwsCE8Z0rChZJ8U6

Score

1^/10

Malware Config

Signatures

Files

shipping doc.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 671KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ