Static task
static1
Behavioral task
behavioral1
Sample
Invoice 3892764.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
Invoice 3892764.exe
Resource
win10v2004-20231127-en
General
-
Target
Invoice 3892764.exe
-
Size
790KB
-
MD5
e87a53f8119728e8c0e5432276f1fbd9
-
SHA1
617316663be1c8fe0a31d7e989ce7eae0a93e922
-
SHA256
279479d7f8311dc31a6123bb46451795ae79864582bccee23e3262119a218f34
-
SHA512
e02ea27617448d7193ed9f43cc0f93a68e1861bcb2697e0c0d069f9c3a83c93002ddeb9ccdb770a83f97cb590e6aa4f850951bde773a89caa68874418943b873
-
SSDEEP
12288:asxTA6qNb5y7QsDzVlEcSqXbUsiaB3xeX2lfpuMtUzKVXPTt0uSax:lxs6koFzAcSS+aneX2lwMlVXPZMs
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Invoice 3892764.exe
Files
-
Invoice 3892764.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 729KB - Virtual size: 729KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ