Static task
static1
Behavioral task
behavioral1
Sample
Purchase Order-ListSamples_xls.scr
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Purchase Order-ListSamples_xls.scr
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
Specifications.scr
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
Specifications.scr
Resource
win10v2004-20231222-en
General
-
Target
d4a1576213580954e906144a0434fc9df19ce746a726504e70597c58ce9a4fd5.gz
-
Size
1.8MB
-
MD5
d280973512d5e13bb7547d9af39db3eb
-
SHA1
3a505dfbee6e79a1d64c600eda8ceca5e9649c53
-
SHA256
d4a1576213580954e906144a0434fc9df19ce746a726504e70597c58ce9a4fd5
-
SHA512
5da0aaf48f3aaf1a7dd8950c8c1516b864b41a851e72dbf610e6344aa26a559f555f4d3562a90c65ecaffcf7b5782f2935cee0078afc35eab86e80e774e6fdbe
-
SSDEEP
24576:gzH9OvVcTNP8bqo7VEiO2g263c/pQEDr+pnqi6msHDUZ0b:esINUbqwVEz3oQ3nqi6JDQ0b
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/Purchase Order-ListSamples_xls.scr unpack001/Specifications.scr
Files
-
d4a1576213580954e906144a0434fc9df19ce746a726504e70597c58ce9a4fd5.gz.rar
-
Purchase Order-ListSamples_xls.scr.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 904KB - Virtual size: 903KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Specifications.scr.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 912KB - Virtual size: 910KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 100KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ