Docxc-xerox-Printinvoice[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Docxc-xerox-Printinvoice.exe
Size

892KB
MD5

6d42a1eae1c8b8304ff349d919381716
SHA1

4b64dffa366e6d74d007ff9d286af3e8e47f437e
SHA256

2fb8f2940043a26f22228fe74438848af86ba93356e4defcf3e6611bffed5aff
SHA512

bbc6a106742af9dcb0afa7af4f7ca294f00ff99192059c0b2e4d5d8f87927f4b4c51f760751ff4124f10db4bd2791f15677700e859869ec8f1254657bb6a34a6
SSDEEP

24576:ZdsXUpExO0toph1PmEmZ4ZsNV2WzpqS6Nne:bpExO0tE5mZQsu2pE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Docxc-xerox-Printinvoice.exe

Files

Docxc-xerox-Printinvoice.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 889KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ