Static task
static1
Behavioral task
behavioral1
Sample
Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24/Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24.xlsx.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24/Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24.xlsx.exe
Resource
win10v2004-20240709-en
General
-
Target
b6e0d54e8d53f70ee3f609e2a27ce167a7c0b60ab6e8dfea0a104f38a5ee479c.zip
-
Size
650KB
-
MD5
bc83cbb5a91e5a6785feb080fa393ec0
-
SHA1
6bcb1476c31d303b67e4daf76fdfb98fd6bca0f7
-
SHA256
b6e0d54e8d53f70ee3f609e2a27ce167a7c0b60ab6e8dfea0a104f38a5ee479c
-
SHA512
6b2186832c2eaefe7c56e60fcfab912104f2d1fd1c6ce361107a089b7d57ee3e709dfcd350c20cc3dc34cbe878a5bbc2d0f4b9f1e82233be8b4fa20027438ea4
-
SSDEEP
12288:/f/ynP+jqUGuPIJTZb2sH5q5PIBHkpjDY1oCZum4WNbDWlRk2AnYcRdr:/f/ynP+usIJTIsZJU6LZN4WNWfMRdr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24/Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24.xlsx.exe
Files
-
b6e0d54e8d53f70ee3f609e2a27ce167a7c0b60ab6e8dfea0a104f38a5ee479c.zip.zip
-
Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24/Shipping Docs PO#QSB-8927393_2324, QSB-8927394_23-24.xlsx.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 696KB - Virtual size: 696KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ