Static task
static1
Behavioral task
behavioral1
Sample
Shipping Documents.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
Shipping Documents.exe
Resource
win10v2004-20230703-en
General
-
Target
Shipping Documents.arj
-
Size
456KB
-
MD5
d6dda57ee88ce29f3eca358a98516b80
-
SHA1
96ac8ab93c6c6e7d1dfe4b3c4ddb3e762ae3ea0a
-
SHA256
076507c716bda542486940e15da449bba73804f0510528fb1e4ecfe6c027eb42
-
SHA512
96ef89fe250301d2d3a8a321595493cff39f0ca7269f4da6ddd78cec7e0500c1e22f33f34558f4b4e70a58c48aba5e44c23cbbdca7403355c6c6f3b67e3176a6
-
SSDEEP
12288:Vr6w1SnKYLYaaI/QEUUWV/i5ihoM+3BlBedQOH/:0wkrUa30VEwQBDE/
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Shipping Documents.exe
Files
-
Shipping Documents.arj.rar
-
Shipping Documents.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 565KB - Virtual size: 564KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ