CPgXbbWne.pdb
Static task
static1
Behavioral task
behavioral1
Sample
ORDER_INQUIRY.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ORDER_INQUIRY.exe
Resource
win10v2004-20240412-en
General
-
Target
INQ.zip
-
Size
838KB
-
MD5
d87e15f0c6ee8c903be7183ef177c8c1
-
SHA1
888141add98970eac85dbcd1b87bf2510797ac86
-
SHA256
7b77d58834007e2b1baf6fca2ab6ff31350228b364e199d9648e87651fd84ba8
-
SHA512
df16cb86bcac6e9e436592c03fc8e67fea90508e43e21adff358637c0ae912abffd0547dd4e2cec106a1cd821a68605fed062bdeb82066cc5f0f8e6f1c637213
-
SSDEEP
24576:Qv9JE9OKGuJzEFvof8nnsMftK0myr0hc6DG8Xiq0:QVYxGdS8nsMV0/iq0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/ORDER_INQUIRY.exe_
Files
-
INQ.zip.zip
Password: infected
-
ORDER_INQUIRY.exe_.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 867KB - Virtual size: 866KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ