docx[.]exe | Triage

Submit
Reports

Overview

overview

7

Static

static

1

docx.exe

windows7-x64

7

docx.exe

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

docx.exe

Resource

win7-20231215-en

spyware stealer

windows7-x64

2 signatures

600 seconds

Behavioral task

behavioral2

Sample

docx.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

1 signatures

600 seconds

General

Target

docx.exe
Size

5.2MB
MD5

d3bddb5de864afd7e4f5e56027f4e5ea
SHA1

ebb0e34f44089fd4cc750b5fe0dcc14f6bb85a11
SHA256

2318ae5d7c23bf186b88abecf892e23ce199381b22c8eb216ad1616ee8877933
SHA512

2905af78720fccb1167811b871d0509a6200c9cdc920409c337d30bf89e0be9c77195919e59e67c39dea0f8881d64f272825434e9e9a546df1b74451ee1e13a6
SSDEEP

98304:TtClVkoOSfJNp8FUcwti78OqJ7TPBLYVrsk9N8ivyhAdsPSQx3UGgdN:TlobhH8FUcwti7TQlgVN8iNIShN

Score

1^/10

Malware Config

Signatures

Files

docx.exe
.exe windows:4 windows x64 arch:x64

Code Sign

6a:e9:18:f3:81:c8:65:b6:41:67:5d:93:53:ba:fd:fd
Certificate

Issuer

CN=DESKTOP-DSDK4NU\\Jefry

Not Before

30-03-2022 07:13

Not After

30-03-2023 13:13

Subject

CN=DESKTOP-DSDK4NU\\Jefry

da:b4:64:27:aa:af:d0:b5:77:4c:5b:7f:a0:cd:38:7f:0b:e9:7e:79:d6:d8:76:b5:15:27:0f:86:17:01:00:17
Signer

Actual PE Digest

da:b4:64:27:aa:af:d0:b5:77:4c:5b:7f:a0:cd:38:7f:0b:e9:7e:79:d6:d8:76:b5:15:27:0f:86:17:01:00:17

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy