dANQ.pdb
Static task: static1
Behavioral task: behavioral1
Sample: RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.exe
Resource: win10v2004-20240226-en
General
Target: 87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f.gz
Size: 958KB
MD5: 548c8b9d3c2173a948ef8e8f634bf926
SHA1: 97cdb194570053b259945d956e1ab5b61f7210f8
SHA256: 87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f
SHA512: 550ba0c3f47001d5c9b56254045bd8ece71e7154dbeb90c67a7e464c1278c8e0f0a65cba856f18cc1a299e8701645e130e2e65bb9729041ceaeed39a51ca2428
SSDEEP: 24576:ww2WNz0Rq8h/s/5PE3qo2XOFescJXF42q4dB:OWOxQ5oOOFyeodB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.bat
Files
87d5833ba766b841f9b478680e765f78a8db838b37521d31ce0520c0baf7933f.gz.gz
RFQ.NO. S70-23Q-1474-CS-P - ORDER 2024.bat.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 972KB - Virtual size: 969KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ