Shipping Documents[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Shipping Documents.exe
Size

974KB
MD5

f1d59be78baa93c08decea3ebca8f402
SHA1

c137fe75f7c656459f53311cd8f15cc8fd1e747b
SHA256

bcfdc040b913be59b6c1040d5f26c78a2e348fefeb50c6be163bea302998ce24
SHA512

9674701bb159ddf930f8efd7c7b538c907509d16d83d8b7a00c16c005372a01be350c5342c2bc900a71cb7e79540e9b8a7880548da7fea15eb5950044d22d126
SSDEEP

12288:Kon5ySWrR0SgmpbmhVcdzpIbrIpIPDPcEkFqz4oAWFJ:L6R0SVVmgdzeIpALgqdAW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Shipping Documents.exe

Files

Shipping Documents.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 971KB - Virtual size: 971KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ