Static task
static1
Behavioral task
behavioral1
Sample
purchase order.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
purchase order.exe
Resource
win10v2004-20231127-en
General
-
Target
6a94e94a67e0bccae5b00f6b3eda454555dc40f07f5aaed982876a5645be423d
-
Size
496KB
-
MD5
b21e21e9c2d1310e7610aeffe699ba34
-
SHA1
a33b1a60c6fdda7589cd090fc72ef487d0a04cd4
-
SHA256
6a94e94a67e0bccae5b00f6b3eda454555dc40f07f5aaed982876a5645be423d
-
SHA512
6a0a4b65a2a26543c25efbedfb4311ab6b24cb3f6784d8948bf0c3ef5f0405c5e96fbede5abe106e8eca0ee211013f2b110dd73e08ab75989eb259147f6f79d0
-
SSDEEP
12288:94OTuxZpe1dvB3vyhh3wnrCdpauKyVFxAwLT1bQSZOj:9ni7sdp/yhlwnrYguK4CITdQic
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/purchase order.exe
Files
-
6a94e94a67e0bccae5b00f6b3eda454555dc40f07f5aaed982876a5645be423d.rar
-
purchase order.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 570KB - Virtual size: 569KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ