Static task
static1
Behavioral task
behavioral1
Sample
Air Waybill.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
Air Waybill.exe
Resource
win10v2004-20231130-en
General
-
Target
838357e4ce664c6cdfbaf1e82c86d5f50b3aea38435ba567c070a3b2667bd780
-
Size
693KB
-
MD5
69c15db3c82653e745e180499209db5b
-
SHA1
bf4030f8d87f48f13dc9d8a42d7cce96ee3c0184
-
SHA256
838357e4ce664c6cdfbaf1e82c86d5f50b3aea38435ba567c070a3b2667bd780
-
SHA512
72fd7c93aef6725571b63b029440f123bffec97f2ff60f75e7e516c5e70379a3d2750173a4a13a2a952af28dcf72d31705df44ab67c9efc747c2f2330ce2ff46
-
SSDEEP
12288:xIbOyRqHzKfXlQ7azJmhXLu5aQLwW0ShFzWGoFIXXzlGrI2C7Z+Atb/rED0+ccw:2SWflhJSXLu5aQLwW06zzsEwAtbIhHw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Air Waybill.exe
Files
-
838357e4ce664c6cdfbaf1e82c86d5f50b3aea38435ba567c070a3b2667bd780.zip
-
Air Waybill.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 733KB - Virtual size: 732KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ