Static task
static1
Behavioral task
behavioral1
Sample
Yeni sipari_WJO-001.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
Yeni sipari_WJO-001.exe
Resource
win10v2004-20240611-en
General
-
Target
Yeni sipari_WJO-001.exe
-
Size
470KB
-
MD5
fe24503eb81fabf579481d5054b74753
-
SHA1
f279d3f02a1aed9da188e8bfcb41c3a0bd43fba1
-
SHA256
404a176d0455a3e99b16c589caf58fcfec84d453d8ff0984222ecbc4ad0fefb1
-
SHA512
b9a3f0ff9c4966296fc27be9d4dc2c0373dbd68884eb842d02615ccb24b868bc9edf61becc54f1625fc7799e4b370a833cb39352709de1c5ec9f762d93f26231
-
SSDEEP
6144:ZTvIrqin80B3jwt05tBFGVEeOPPapTlg81t2/ceUwEt+O7rbeqE612J93Bj:oqix9wt0tNeOPwTlNt2/cKfu+q
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Yeni sipari_WJO-001.exe
Files
-
Yeni sipari_WJO-001.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 413KB - Virtual size: 412KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ