Static task
static1
Behavioral task
behavioral1
Sample
Proforma Invoice - Well Ergon 16-09-2023.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Proforma Invoice - Well Ergon 16-09-2023.exe
Resource
win10v2004-20231127-en
General
-
Target
a5d50d0dd9ddcd2a0dfc27ff42a5bb13487b2c7b94087666fb5a16a0057b1549.7z
-
Size
693KB
-
MD5
c7980137b6979656fa31cf6cce3c715e
-
SHA1
3c71737304fcf580263278940498bf019ea1a265
-
SHA256
a5d50d0dd9ddcd2a0dfc27ff42a5bb13487b2c7b94087666fb5a16a0057b1549
-
SHA512
26c9d554a545b2261913f364437cec92f1754b2a4e880b34d94fcb9bfc60ae24114117cf25ffb445953af26ee408b40aed1e8a0bdc129f4cdc77d5529c827ab0
-
SSDEEP
12288:uwQCqu8K4ujLCzwqKHJ6MSaGyAds1EDrHE+f3R/Ekao:VlT8LOSn21ArHbhnao
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Proforma Invoice - Well Ergon 16-09-2023.exe
Files
-
a5d50d0dd9ddcd2a0dfc27ff42a5bb13487b2c7b94087666fb5a16a0057b1549.7z.7z
-
Proforma Invoice - Well Ergon 16-09-2023.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 768KB - Virtual size: 767KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 212KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ