Static task
static1
Behavioral task
behavioral1
Sample
Purchase Inquiry List.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Purchase Inquiry List.exe
Resource
win10v2004-20231215-en
General
-
Target
Purchase Inquiry List.exe
-
Size
645KB
-
MD5
a43ba259c860a31a93e7d2f0ea2576f7
-
SHA1
80ce37bbc15e052759334a8bde1ef71c5f0b79fd
-
SHA256
3730cb53c74ac925b65e3c43e603f1a2664d5b06d1c9239403a7178ce9c3e4e0
-
SHA512
3e01fd59b33fb9fb340058a17d862b6e3fa7e6d7f2ec42c728193d8ff2d9e73bb86fecaa16079c7c8ce350eb75043c7f6230bb8f214b9584896f418d8c0a7059
-
SSDEEP
12288:UxkjLBJI3n9hGqTWs0zwzeh1TNCmAIyeL1JyMlfeMgu4tgOZ+VDKgDbypx:fjrunAs0zwzehfnAIyeLnJZgu4z+nbyz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Purchase Inquiry List.exe
Files
-
Purchase Inquiry List.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 635KB - Virtual size: 635KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ