Static task
static1
Behavioral task
behavioral1
Sample
Purchaselist_january2024.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
Purchaselist_january2024.exe
Resource
win10v2004-20231127-en
General
-
Target
Purchaselist_january2024.exe
-
Size
673KB
-
MD5
b61753a6ba84f4688875f9c07d039604
-
SHA1
e22f5af6b9fbbd7c8a054959f15cd37de2eda8c0
-
SHA256
d92da33493917017ff937789890dfacd02c22671abd9ea8c196ea9dfd90f3a72
-
SHA512
7b916fa10ed2e4214f6853086b319d9408d7470fd4d1a119de171f7e31193383d76432b529c456227cc3f5e07aafb30db6ac89885c515462eeb7f86f5066b700
-
SSDEEP
12288:e1G+4WpAEvy9i9cHpLoKY0otrztmzsw61l3sg1+YOoTOanF+:IpAE79Sop0ot9mQwmlT+YOoSa
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Purchaselist_january2024.exe
Files
-
Purchaselist_january2024.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 657KB - Virtual size: 656KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ