Static task
static1
Behavioral task
behavioral1
Sample
FedEx Express SZVA3421.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
FedEx Express SZVA3421.exe
Resource
win10v2004-20230703-en
General
-
Target
FedEx Express SZVA3421.exe
-
Size
1.1MB
-
MD5
8b3b9ff05fcf5d03a85cbf2e3d1f1b3e
-
SHA1
0d83b38e05c765e9d70cf49e6d3acd0d2ee6f8d3
-
SHA256
825c914d1b8044d69a28fd70cb9eb16d4e8cef5aea5467bca537919f5de0ee5b
-
SHA512
7302f9102804924155ec2fc3186aa8e46a398b8698dd55d007d183116b1e4ff1701685417bc807587fb131489dcc21859d08cb2901c6d3eaf7de3f599b81e956
-
SSDEEP
24576:ZXi6cpYRs6CE3jLMpppdpppppUO9Rs6CE3jLMpppdpppppUOuOgui/bIygLPIA29:vRs6CE3jLbO9Rs6CE3jLbO+uAv2PIALk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource FedEx Express SZVA3421.exe
Files
-
FedEx Express SZVA3421.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 971KB - Virtual size: 971KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ