Static task: static1
Behavioral task: behavioral1
Sample: invoice.dll
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: invoice.dll
Resource: win10v2004-20231215-en
General
Target: invoice.dll
Size: 5KB
MD5: 8b416c6c6944ed6f7720c1f89aefe47a
SHA1: 792d5b1e30111cf57060b953791b5382ef16eaad
SHA256: 9001f585f5efd7fa88775fc49932dfaec2b5c6433e1919576d3dcb0150145e83
SHA512: 8e8c48e8b666f41600837df80f28d268dbe2a6da3294e637e1d410ce0a3aab0cc28e285cb711ab6f48c9904ff85025e6297a623b500a47c462d7dedb9d8698f7
SSDEEP: 48:aXl9KWZcjOYjAuQtHYLy4puguQ0FgeX28I3O7rlsFdH+HzWfHheDe6CpVj4SIuCJ:kDSiuQlYmjguQQ28Ie7r2iDCpnIZxw
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: invoice.dll
Files
invoice.dll.dll windows:6 windows x86 arch:x86
6526e3e361ef98e2fa966436e6eca0f8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrlenW
GetEnvironmentVariableW
GetTempPathW
GlobalAlloc
GlobalFree
lstrcpyW
GetTempFileNameW
CreateDirectoryW
shell32
ShellExecuteW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
oleaut32
VariantInit
SysAllocString
VariantClear
urlmon
URLDownloadToFileW
shlwapi
PathFileExistsW
Exports
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 140B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ