nJfOl.pdb
Static task
static1
Behavioral task
behavioral1
Sample
PURCHASE ORDER -HDPESD.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
PURCHASE ORDER -HDPESD.exe
Resource
win10v2004-20240412-en
General
-
Target
PURCHASE ORDER -HDPESD.exe
-
Size
1015KB
-
MD5
2d6113951e16a4336fe1bd44a12134a8
-
SHA1
653e90cfc6e1d07cb6e1da4e1fb8f70ec64fb429
-
SHA256
81fdcde8fbe4d7ad27f94d3bf8b8276aecf45ae7017e6385c6a5f3e472465dac
-
SHA512
e10b3548829c8eb75465b5192cf4026c267b135c8929c3b719f3d2739bc7e93b29f9e048187636130c4e0858314ebf1311291bcbf51458b8b0c6aa3af60e6143
-
SSDEEP
24576:Q94WQZsG8QsWnBeCO4R631r74+aJS8/lsq3hEk2Ku:7ye9MsS8/aqak2Ku
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource PURCHASE ORDER -HDPESD.exe
Files
-
PURCHASE ORDER -HDPESD.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 1012KB - Virtual size: 1011KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ