Static task
static1
Behavioral task
behavioral1
Sample
COMMERCIAL INVOICE.exe
Resource
win7-20230712-en
General
-
Target
b15ac309b3580b711b01836090373b08.bin
-
Size
716KB
-
MD5
64dd083853c152a264a3140d2c3550c2
-
SHA1
62c744e2520884fc782688405a0de7aaa57cea67
-
SHA256
f36eeba6adb98f6f43365c6c96ed6db2370ecca4e29e582c81389eab575ab73a
-
SHA512
7867fad0a3c77201ba9fea98c16974b6edf8c520acc07ef27c6149c989a93e57d26de7dacacfab4be8ea3f02f0c0136221294daee3586585b10bfe9e14f2f9c2
-
SSDEEP
12288:zc8Y/lRyWMYbAka20pUCj6jKJwe6Sfcm/QgX3XhB056IVXaW8D4fIDZj+CUk3:rY/KIAkFFBne6sPQgxm5zVXB8D1393
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/COMMERCIAL INVOICE.exe
Files
-
b15ac309b3580b711b01836090373b08.bin.zip
Password: infected
-
165029913999a83ee7ba07a4e60d39305af1f0d13ed8f390beb1b321c9a49c36.7z.rar
Password: infected
-
COMMERCIAL INVOICE.exe.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 787KB - Virtual size: 786KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ