Static task
static1
Behavioral task
behavioral1
Sample
PurchaseOrder.exe
Resource
win7-20231020-en
General
-
Target
PurchaseOrder.exe
-
Size
991KB
-
MD5
7f34f396c23c89adf6c24092553d37ad
-
SHA1
2a1f3891876c7a1faae11986d8861ad953447850
-
SHA256
ebb3a5afeb6a34fd0ca7e4ee234a04f66de5b7a38fbc4171ff5e8bcaeec8e100
-
SHA512
3afe1ca8ff06cbdf62383f5dbb3ff1c0eb00f9ac5f608ba0a72290c5b8a76d7b63aff388f5fd2c6c8dbacf92d3445407a97b1457beb7237b43d381a3db2b4bf7
-
SSDEEP
24576:sh1sHVJwxIM6k8ZMhvlb3QAae3QOoE4m7xhABW1ZO:sSVKxv6k4uTDAOohm77vO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource PurchaseOrder.exe
Files
-
PurchaseOrder.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 983KB - Virtual size: 983KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ