shipping documents[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

shipping documents.exe
Size

802KB
MD5

21f1e02ce3a995d1799b99f36217c9d2
SHA1

ebc1e5e614023e61e614695df862e09d47511428
SHA256

ea9f2431a64fc69fa9fdc839c8526744ede33f35a8e0a7b703fa2e03382c49d2
SHA512

b1e7254315c3ac05348ce70a008e4dd11a74f6e92739a0a51b79492497f14fb913f1f3fdad2e94aef12addf7f3149c455ba3962eb964b076a9a0b074c3aa398e
SSDEEP

24576:pUlRuJOyqGUL89cHCPR+0irMoLmc0plJ:pUlRuJNqGo89AC7sbmcK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
shipping documents.exe

Files

shipping documents.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 799KB - Virtual size: 799KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ