Static task
static1
Behavioral task
behavioral1
Sample
order6566546663.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
order6566546663.exe
Resource
win10v2004-20230220-en
General
-
Target
order6566546663.exe
-
Size
643KB
-
MD5
8a728a201ff4eebc956d8747c0b689e8
-
SHA1
94fe365f40c34e83e39a4c81c7cf9319d7cfa6cc
-
SHA256
0807202daf2095810fdbc78ccf60ed83368e84da1f89d7215f9bac6590b40b7d
-
SHA512
318b968f5ce9a3caf4a2664bcc6c355463ad78fb65c09cb054ac3fd00e65f7ea454bdb7b9577c6743a01c540eca57b6527708a9008926ae8c10737231ac8511b
-
SSDEEP
12288:ioEP/SJasDrhUVMJ5kjDZCwbX9PblDCkIcxWMB:A/4pDfGDYuRblDC7cxW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource order6566546663.exe
Files
-
order6566546663.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 640KB - Virtual size: 640KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ