FedEx Shipping Documents[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FedEx Shipping Documents.exe
Size

945KB
MD5

c1504b281d60551dc430711499a5c68f
SHA1

a28bbe6174d609f599e7feddd1c3c707bb0bab97
SHA256

09c6284a6a3ff23dac87fb515c96d20cb67f33ec6afda9dd79bd2debc70bb3f2
SHA512

7fcfa66ecdc4dd19f48905b0a5d6c637b1dd369a0a216c8f34f1be22c911624cd02e844414625021bf27c369cb443720b4ad2e71dd224919b601a726f92e1e35
SSDEEP

12288:bpDQW8CrvfzwLVYKP/0UpmJCKUpoK5Af1fDrQM7yrBxCA:gjpo8q1fxy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FedEx Shipping Documents.exe

Files

FedEx Shipping Documents.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 943KB - Virtual size: 942KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ