Static task
static1
Behavioral task
behavioral1
Sample
Quotation Request for Parts Order.scr
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Quotation Request for Parts Order.scr
Resource
win10v2004-20230915-en
General
Target
f01d6fe1962c9039b5f41e60df3e1aac339d796b8d660e4c67da5d84d0798496
Size
179KB
MD5
6ea8dec20a1a4c3816b5b4376fe586d7
SHA1
6df9f9198b24abf7e58d90585d2e57a17364e8f8
SHA256
f01d6fe1962c9039b5f41e60df3e1aac339d796b8d660e4c67da5d84d0798496
SHA512
4583e258a912cf208c6a13516af7f0a8f95dd24b7948a5ce66f4f48b6405982a92e9e637e223e8db646ed9d9335d3d710f791cb475db472cfed1180bd87ee8e7
SSDEEP
3072:R31vXwzbp+EBt+F/T2JnwgYkBP/6/g2IJkUc1kzrLmqTm1nxThMR/a9iQknv/B+i:RZwzoOt+FWwgYmaI2JUcWzGcm1nxFrE5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Quotation Request for Parts Order.scr
Files
f01d6fe1962c9039b5f41e60df3e1aac339d796b8d660e4c67da5d84d0798496.zip
Quotation Request for Parts Order.scr.exe windows:4 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 430KB - Virtual size: 429KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ